Re: Undocumented backdoor found in ESP32
Posted: Tue Mar 11, 2025 2:43 am
by Franco
It didn't look like the best marketing initiative.
They apologized on X (Twitter).
Thanks for clarifying.
So just a marketing stunt by Tarlogic trying to sell their Bluetooth driver software - purely accidentally implying that "billions of Espressif IoT chips" in the field are security compromised in the process
Re: Undocumented backdoor found in ESP32
Posted: Wed Mar 12, 2025 5:36 pm
by chegewara
Few years back, when espressif released first esp32, there was a program where anyone could report security issues and could earn some $$$.
Now, as i understand there is some vulnerability which is not related to espressif design specifically, but bluetooth design itself.
I am wondering when we can see another article about espressif USB "backdoors" with USB duck-duck pendrives, which let user to take over control of PC or maybe just to compromise esp32 device with this.
Re: Undocumented backdoor found in ESP32
Posted: Thu Mar 13, 2025 3:55 am
by Sprite
Few years back, when espressif released first esp32, there was a program where anyone could report security issues and could earn some $$$.
We still
have that program; these people could have indeed gotten some money if they informed us and practiced responsible disclosure.