The security researcher, LimitedResults, coordinated disclosure with Espressif on their advisory and details of the exploit. The attack works against eFuse, a one-time programmable memory where data can be burned to the device.
By burning a payload into the device’s eFuse, no software update can ever reset the fuse and the chip must be physically replaced or the device discarded. A key risk is that the attack does not fully replace the firmware, so the device may appear to work as normal.
Why does a random esp32 chip need efuses in the first place??
It’s designed and implemented for copy protection. Otherwise you can design a esp32 device that includes software you’ve written and 15 minutes later a clone device with exactly the same software will appear on <insert Chinese electronics website here>
Why does a random esp32 chip need efuses in the first place??
It’s designed and implemented for copy protection. Otherwise you can design a esp32 device that includes software you’ve written and 15 minutes later a clone device with exactly the same software will appear on <insert Chinese electronics website here>