
If you don't want to read the whole thing, here is the brief version.

**Internal Debug Commands:** These commands are meant for use by developers and are not accessible remotely. Having such private commands is not an uncommon practice.

**No Remote Access:** They cannot be triggered by Bluetooth, radio signals, or over the Internet, meaning they do not pose a risk of remote compromise of ESP32 devices.

**Security Impact:** While these debug commands exist, they cannot, by themselves, pose a security risk to ESP32 chips. Espressif will still provide a software fix to remove these undocumented commands.

**Scope:** If ESP32 is used in a standalone application and not connected to a host chip that runs a BLE host, the aforementioned HCI commands are not exposed and there is no security threat.

**Affected Chipsets:** These commands are present in the ESP32 chips only and are not present in any of the ESP32-C, ESP32-S, and ESP32-H series of chips.

Archive: https://archive.today/UETPX

From the post:

>Recently, some media have reported on a press release initially calling out ESP32 chips for having a “backdoor”. Of note is that the original press release by the Tarlogic research team was factually corrected to remove the “backdoor” designation. However, not all media coverage has been amended to reflect this change. Espressif would like to take this opportunity to clarify this matter for our users and partners.
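
As an added example (not part of the original post or of Espressif's statement): because the commands in question are only reachable over the host-to-controller HCI link, that link is where a defender can audit for them. The sketch assumes the link was captured as a raw H4 (UART) byte stream and that undocumented debug commands sit in the vendor-specific opcode group (OGF 0x3F) of the Bluetooth Core Specification; the page lists no opcodes, so the sample capture and its opcode 0xFFAA are constructed placeholders.

```python
# Added example: audit a raw HCI H4 (UART) capture for vendor-specific commands.
VENDOR_OGF = 0x3F  # Bluetooth Core Spec: opcode group reserved for vendor commands
H4_COMMAND = 0x01

# H4 indicator -> (header size, offset of length field, size of length field)
H4_LAYOUT = {0x01: (3, 2, 1),   # command: opcode(2) + param_len(1)
             0x02: (4, 2, 2),   # ACL data: handle(2) + data_len(2)
             0x03: (3, 2, 1),   # SCO data: handle(2) + data_len(1)
             0x04: (2, 1, 1)}   # event: event_code(1) + param_len(1)


def iter_h4_packets(stream: bytes):
    """Yield (indicator, header + payload) for each packet, honouring framing."""
    pos = 0
    while pos < len(stream):
        kind = stream[pos]
        if kind not in H4_LAYOUT:
            raise ValueError(f"unknown H4 indicator 0x{kind:02x} at offset {pos}")
        hdr, off, size = H4_LAYOUT[kind]
        body = pos + 1
        if body + hdr > len(stream):
            raise ValueError(f"truncated header at offset {pos}")
        plen = int.from_bytes(stream[body + off:body + off + size], "little")
        end = body + hdr + plen
        if end > len(stream):
            raise ValueError(f"truncated payload at offset {pos}")
        yield kind, stream[body:end]
        pos = end


def vendor_commands(stream: bytes):
    """Return (opcode, ocf, params) for each host-issued command with OGF 0x3F."""
    found = []
    for kind, pkt in iter_h4_packets(stream):
        if kind != H4_COMMAND:
            continue  # events and data are not host-issued commands
        opcode = int.from_bytes(pkt[:2], "little")
        if opcode >> 10 == VENDOR_OGF:
            found.append((opcode, opcode & 0x03FF, pkt[3:]))
    return found


# Constructed sample: HCI_Reset, its Command Complete event, LE Set Scan Enable,
# an ACL packet whose payload merely contains the bytes 01 aa ff, and one
# vendor-specific command using a made-up opcode 0xFFAA (not a real ESP32 opcode).
SAMPLE = bytes.fromhex("01030c00" "040e0401030c00" "010c20020100"
                       "020120030001aaff" "01aaff020000")

if __name__ == "__main__":
    for opcode, ocf, params in vendor_commands(SAMPLE):
        print(f"vendor command opcode=0x{opcode:04x} ocf=0x{ocf:03x} params={params.hex()}")
```

Walking the packet framing rather than searching for opcode bytes matters here: the same three bytes appear inside the ACL payload, and only the real command is reported.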

[–] 1 pt

I get that this isn't a remote exploit but I'm amazed that people don't block these things or refuse to give them net access. I have an electric mop (I guess that's what you'd call it) that I love. It works great. I looked at my router, found its MAC, blocked the access to the net.

I don't know what anyone would learn connecting to its Bluetooth - at least I assume it must have it just because - is there a way to kill the Bluetooth on these things? A Bluetooth scrambler by MAC would be awesome.