Cybersecurity Flaw Discovered in Popular ESP32 Microcontroller
25 March 2025 · Uncategorized
At the recent RootedCON conference in Madrid, security firm Tarlogic disclosed a vulnerability in Espressif's ESP32 chip. Researchers discovered hidden functions that could be exploited by attackers to modify settings or install malicious programs on devices built around this widely used component, raising significant safety concerns for Internet of Things (IoT) ecosystems.
Miguel Tarascó and @antonvblanco revealed the findings at RootedCON, presenting a tool designed to perform Bluetooth security audits across various gadgets. [https://t.co/Q646g8s1vS](https://t.co/Q646g8s1vS) – Tarlogic (@Tarlogic), March 6, 2025
The ESP32 chip from Espressif is projected to be integrated into over one billion IoT devices globally. Using their cybersecurity software, BluetoothUSB, Tarlogic identified these previously unknown functions. Espressif Inc., a company listed on the STAR Market of Shanghai Stock Exchange, relies heavily on the ESP32 as its flagship product and maintains partnerships with major corporations including Baidu, Xiaomi, and Amazon.
The investigation revealed 29 concealed Host Controller Interface (HCI) commands within the chip—including memory write operations. These vulnerabilities have been assigned CVE-2025-27840 and could allow attackers to modify chips for purposes such as unlocking additional functionality or conducting identity theft attacks. Exploitation of these hidden features would enable hackers to infiltrate phones, computers, and smart devices, potentially stealing sensitive data or monitoring user activity.
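As an added example (not from the article and not Tarlogic's tooling), the following shows how a defender could audit a captured H4-framed HCI command trace for vendor-specific opcodes, the opcode range (OGF 0x3F) in which undocumented controller commands of the kind reported here live. The sample trace and the vendor OCF 0x0010 are constructed placeholders, not the opcodes from the disclosure.

```python
# Added example: flag vendor-specific HCI commands in an H4 command trace.
import struct
from typing import List, NamedTuple

H4_COMMAND = 0x01            # H4 packet indicator for host-to-controller commands
OGF_VENDOR_SPECIFIC = 0x3F   # Bluetooth Core Spec: OGF reserved for vendor commands


class HciCommand(NamedTuple):
    ogf: int
    ocf: int
    params: bytes


def parse_h4_commands(stream: bytes) -> List[HciCommand]:
    """Split a stream of H4 command packets into (OGF, OCF, params).

    Layout per packet: 0x01, opcode (2 bytes little-endian), param length
    (1 byte), params. A truncated packet raises ValueError instead of being
    skipped, because a malformed frame in an audit trace is itself notable.
    """
    cmds = []
    pos = 0
    while pos < len(stream):
        if stream[pos] != H4_COMMAND:
            raise ValueError(f"unexpected H4 packet type 0x{stream[pos]:02x} at offset {pos}")
        if pos + 4 > len(stream):
            raise ValueError(f"truncated HCI command header at offset {pos}")
        opcode, plen = struct.unpack_from("<HB", stream, pos + 1)
        params = stream[pos + 4 : pos + 4 + plen]
        if len(params) != plen:
            raise ValueError(f"truncated HCI command parameters at offset {pos}")
        cmds.append(HciCommand(opcode >> 10, opcode & 0x3FF, params))
        pos += 4 + plen
    return cmds


def vendor_specific(cmds: List[HciCommand]) -> List[HciCommand]:
    """Return the commands an auditor should review: anything in the vendor OGF."""
    return [c for c in cmds if c.ogf == OGF_VENDOR_SPECIFIC]


# Constructed sample trace: HCI_Reset (OGF 0x03, OCF 0x0003, no params), then a
# placeholder vendor command (OGF 0x3F, OCF 0x0010) carrying four parameter bytes.
SAMPLE_TRACE = bytes.fromhex("01 030c 00" "01 10fc 04 deadbeef")

if __name__ == "__main__":
    for cmd in vendor_specific(parse_h4_commands(SAMPLE_TRACE)):
        print(f"vendor command OCF=0x{cmd.ocf:04x} params={cmd.params.hex()}")
```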
Currently, Espressif has not implemented enhanced security measures for this low-cost chip (approximately two euros). Users await an official announcement regarding protective steps they can take in response to the vulnerability.
(Lead image source: Tarlogic)