Undocumented backdoor found in ESP32

[Franco]

It didn't look like the best marketing initiative.
They apologized on X (Twitter).

Thanks for clarifying.

So just a marketing stunt by Tarlogic trying to sell their Bluetooth driver software - purely accidentally implying that "billions of Espressif IoT chips" in the field are security compromised in the process

[chegewara]

Few years back, when espressif released first esp32, there was a program where anyone could report security issues and could earn some $$$.

Now, as i understand there is some vulnerability which is not related to espressif design specifically, but bluetooth design itself.
I am wondering when we can see another article about espressif USB "backdoors" with USB duck-duck pendrives, which let user to take over control of PC or maybe just to compromise esp32 device with this.

[Sprite]

Few years back, when espressif released first esp32, there was a program where anyone could report security issues and could earn some $$$.

We still have that program; these people could have indeed gotten some money if they informed us and practiced responsible disclosure.