The ESP32 "backdoor" that wasn't | Dark Mentor LLC

cbrake · March 19, 2025, 2:16pm

Recently, a security article was published about a “backdoor” in the ESP32:

https://nvd.nist.gov/vuln/detail/CVE-2025-27840

Another security researching commented:

Then Espressif responded:

Now that MCUs are connected, security is a concern, so it is good to see it is being taken seriously. It is also interesting how things can be perceived as a problem (especially with media) attention that may not be.

khem · March 20, 2025, 12:59am

connected devices and everything is connected these days, need a different mindset developing them, developing products using these devices. security is key consideration. Errors will happen, then it comes down to how quickly can you patch it. Perhaps robust update mechanisms are a must on practically any device