Source URL: https://hardware.slashdot.org/story/25/03/08/2027216/undocumented-backdoor-found-in-chinese-bluetooth-chip-used-by-a-billion-devices?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Undocumented ‘Backdoor’ Found In Chinese Bluetooth Chip Used By a Billion Devices
AI Summary and Description: Yes
Summary: The discovery of an undocumented backdoor in the widely used ESP32 microchip by researchers from Tarlogic Security highlights significant security vulnerabilities in IoT devices. This backdoor could facilitate various attacks, including device impersonation and unauthorized data access, raising alarms for professionals focusing on hardware and infrastructure security.
Detailed Description:
The article outlines a concerning security finding regarding the ESP32 microchip manufactured by Espressif, a component widely utilized in over 1 billion IoT devices. Key insights include:
– **Backdoor Discovery**: Spanish researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco unveiled an undocumented backdoor within the ESP32 microcontroller at RootedCON in Madrid.
– **Potential Risks**:
  – **Impersonation Attacks**: Attackers could spoof trusted devices, leading to unauthorized access and manipulation of sensitive systems.
  – **Persistence**: The backdoor provides the capability to maintain ongoing control over compromised devices, enabling long-term threats.
  – **Sensitive Devices at Risk**: Affected devices include mobile phones, computers, smart locks, and medical equipment, emphasizing the broad implications for personal and public safety.
– **Technical Findings**:
  – Tarlogic Security created a new C-based USB Bluetooth driver to uncover the backdoor, revealing 29 undocumented commands in the Bluetooth firmware.
  – These commands facilitate direct device access for low-level operations such as memory manipulation, MAC address spoofing, and packet injection.
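One defender-side check this finding suggests is auditing the command traffic a host sends to a Bluetooth controller for vendor-specific commands, since undocumented controller commands sit outside the standard opcode groups. The parser below is an added example, not code from the Slashdot post, from Tarlogic's driver or from Espressif; it assumes the Bluetooth HCI H4 framing and the spec-reserved vendor-specific opcode group (OGF 0x3F), and the sample byte stream is constructed.

```python
# Added example (not from the article or Tarlogic's driver): flag
# vendor-specific HCI commands in a host-to-controller byte stream.
# Assumes Bluetooth HCI H4 framing: a 0x01 packet-type byte, a 16-bit
# little-endian opcode (OGF in the top 6 bits, OCF in the low 10 bits),
# a parameter-length byte, then the parameters. OGF 0x3F is the
# spec-reserved vendor-specific group, which is where a controller
# vendor's undocumented commands would be reached from the host.
import struct

HCI_COMMAND_PKT = 0x01
OGF_VENDOR_SPECIFIC = 0x3F


def parse_hci_commands(stream: bytes):
    """Return a list of (ogf, ocf, params) for each H4 command packet."""
    out = []
    i = 0
    while i < len(stream):
        ptype = stream[i]
        if ptype != HCI_COMMAND_PKT:
            raise ValueError(f"unsupported H4 packet type 0x{ptype:02x} at offset {i}")
        if i + 4 > len(stream):
            raise ValueError("truncated HCI command header")
        opcode, plen = struct.unpack_from("<HB", stream, i + 1)
        params = stream[i + 4:i + 4 + plen]
        if len(params) != plen:
            raise ValueError("truncated HCI command parameters")
        out.append((opcode >> 10, opcode & 0x3FF, params))
        i += 4 + plen
    return out


def vendor_commands(stream: bytes):
    """Return (ocf, params) for every vendor-specific (OGF 0x3F) command."""
    return [(ocf, params) for ogf, ocf, params in parse_hci_commands(stream)
            if ogf == OGF_VENDOR_SPECIFIC]


# Constructed sample stream: HCI_Reset (opcode 0x0C03), then a
# vendor-specific command (OGF 0x3F, OCF 0x0001) carrying four parameter
# bytes, then HCI_Read_BD_ADDR (opcode 0x1009).
SAMPLE = (bytes([0x01, 0x03, 0x0C, 0x00])
          + bytes([0x01, 0x01, 0xFC, 0x04, 0xDE, 0xAD, 0xBE, 0xEF])
          + bytes([0x01, 0x09, 0x10, 0x00]))

if __name__ == "__main__":
    for ocf, params in vendor_commands(SAMPLE):
        print(f"vendor-specific command OCF 0x{ocf:04x} params={params.hex()}")
```

Run against a captured host-to-controller stream (for example, the command packets from a btsnoop-style log), the output lists every command that the standard opcode groups do not account for, which is the set an audit of undocumented controller functionality would start from.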
– **Manufacturer Response**: Espressif has not commented on the intent behind the undocumented commands, suggesting either an oversight or an intentional lack of disclosure.
This discovery has critical implications for IoT security and highlights the need for stringent security audits and increased transparency regarding device firmware and hardware controls within the industry. The potential for exploitation poses risks that must be addressed by professionals involved in hardware security, infrastructure security, and compliance regulations related to IoT devices.