Last week it was widely reported that a ‘backdoor’ had been discovered in Espressif’s ESP32 microcontroller - the most common microcontroller used in IoT devices.
The actual find was a collection of vendor-specific commands (VSCs) that are standard with any Bluetooth adapter but are typically kept undocumented to prevent untrusted users from running them.
Tarlogic, the firm that discovered them, claimed that they enabled the keys to be dumped from RAM, but other experts have rubbished this claim, saying it was another “backdoor”.
While this could be seen as a security flaw, it is a common feature and is present in many other Bluetooth adapters from different manufacturers, who also generally keep them undocumented.
These VSCs also enable a manufacturer to update a device’s firmware via Bluetooth rather than having to RMA (return merchandise authorisation) a unit.
