Ninjastic
PostEdited versionsQuotes to this post
Next scheduled rescrape ... never
Version 1
Last scraped
Scraped on 18/04/2025, 08:51:14 UTC
Quote from: Stalker22 on April 17, 2025, 09:23:12 PM
The specifics are still fuzzy, but I read that some hackers showed they could actually drain a hardware wallet by taking advantage of this bug.
Hmm, I don't know but their reference "CVE-2025-27840" doesn't contain any information about a vulnerability in the chip's RNG.
If it's a problem caused by any those "hidden commands", the article didn't explained it clearly.

On a related topic, its maintainer mentioned that the discovered undocumented featurescommands aren't an issue: github.com/orgs/espruino/discussions/7699#discussioncomment-12447043
They take that those articles are mostly "clickbait".
But someone who discovered something that's hidden which isn't documented anywhere, they'll think that it's a backdoor.
(but of course DYOR)
Original archived Re: Critical vulnerability discovered in ESP32 chip
Scraped on 18/04/2025, 08:46:13 UTC
Quote from: Stalker22 on April 17, 2025, 09:23:12 PM
The specifics are still fuzzy, but I read that some hackers showed they could actually drain a hardware wallet by taking advantage of this bug.
Hmm, I don't know but their reference "CVE-2025-27840" doesn't contain any information about a vulnerability in the chip's RNG.
If it's a problem caused by any those "hidden commands", the article didn't explained it clearly.

On a related topic, its maintainer mentioned that the undocumented features aren't an issue: github.com/orgs/espruino/discussions/7699#discussioncomment-12447043
They take that those articles are mostly "clickbait".
(but of course DYOR)