• socphoenix@midwest.social
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      2
      ·
      2 days ago

      The security researcher, LimitedResults, coordinated disclosure with Espressif on their advisory and details of the exploit. The attack works against eFuse, a one-time programmable memory where data can be burned to the device.

      By burning a payload into the device’s eFuse, no software update can ever reset the fuse and the chip must be physically replaced or the device discarded. A key risk is that the attack does not fully replace the firmware, so the device may appear to work as normal.

      Why does a random esp32 chip need efuses in the first place??

      • Dave.@aussie.zone
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        2 days ago

        It’s designed and implemented for copy protection. Otherwise you can design a esp32 device that includes software you’ve written and 15 minutes later a clone device with exactly the same software will appear on <insert Chinese electronics website here>