Version 2
Last scraped
Scraped on 19/04/2025, 06:07:09 UTC

They take that those articles are mostly "clickbait".


Agreed, the article is from the class of media hype.




I see that this flaw in the chip design is already known in certain circles.


The presence of a flaw in the design of the ESP32 chip by Espressif is suggested by the media, which in fact is misinformation.

Those so-called "hidden commands" are actually internal HCI debug commands. The latter are intended for development and diagnostic purposes and are only accessible via USB or UART interfaces. Those commands cannot be executed remotely through Bluetooth/Wi-Fi; no vulnerability from this side.

These debug commands were inadvertently left in the firmware. Espressif Systems has acknowledged this and has committed to removing them in the upcoming firmware update for the affected chip.

Version 1
Scraped on 19/04/2025, 05:41:59 UTC

They take that those articles are mostly "clickbait".


Agreed, the article is from the class of media hype.




I see that this flaw in the chip design is already known in certain circles.


The presence of a flaw in the design of the ESP32 chip by Espressif is suggested by the media, which in fact is misinformation.

Those so-called "hidden commands" are actually internal HCI debug commands. The latter are meant for development and diagnostic purposes and are only accessible via USB or UART interfaces. Those commands cannot be executed remotely through Bluetooth/Wi-Fi; no remote vulnerability from this side.

These debug commands were inadvertently left in the firmware. Espressif Systems has acknowledged this and has committed to removing them in the upcoming firmware update for the affected chip.

Original archived Re: Critical vulnerability discovered in ESP32 chip
Scraped on 19/04/2025, 05:36:47 UTC
I see that this flaw in the chip design is already known in certain circles.


The presence of a flaw in the design of the ESP32 chip by Espressif is suggested by the media, which in fact is misinformation.

Those so-called "hidden commands" are actually internal HCI debug commands. The latter are meant for development and diagnostic purposes and are only accessible via USB or UART interfaces. Those commands cannot be executed remotely through Bluetooth/Wi-Fi; no remote vulnerability from this side.

These debug commands were inadvertently left in the firmware. Espressif Systems has acknowledged this and has committed to removing them in the upcoming firmware update for the affected chip.