Source Link Privacy.
Tarlogic Security has detected a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present in millions of mass-market IoT devices. Exploitation of this backdoor would allow hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls.
Update: The ESP32 “backdoor” that wasn’t.
I was reading someone else’s explanation and they said it’s the equivalent of every computer possibly having a backdoor because there is code in a computer that a bad actor can use. There are extra commands that could possibly be used for a backdoor if a malicious actor found a way to use those bits of code. It’s much less oh here is a security vulnerability that is being used and more of a if a robber breaks into our house which is possible they will rob us situation.