The ESP32 chip, widely used in smart devices, possesses undocumented Bluetooth commands that researchers warn could be exploited for various attacks. The security firm Tarlogic found 29 such commands that allow low-level manipulations, including memory access and device impersonation. Though these commands aren't dangerous by themselves, they could serve malicious purposes like introducing backdoors and evading security measures. This could jeopardize both personal and business data, necessitating heightened awareness and security protocols for devices using the ESP32.
"Malicious actors could impersonate known devices to connect to mobile phones, computers and smart devices, even if they are in offline mode... to spy on citizens and companies."
"Researchers at security firm Tarlogic discovered 29 undocumented Host Controller Interface commands within the ESP32's Bluetooth firmware... enabling low-level control over Bluetooth functions..."
Collection
[
|
...
]