Unrated severity · NVD Advisory · Published Mar 8, 2025 · Updated May 12, 2025
CVE-2025-27840
Description
Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).
Affected products (2)
Patches
Vulnerability mechanics
References (12)
- cheriot.org/auditing/backdoor/2025/03/09/no-esp32-style-backdoor.html (mitre)
- darkmentor.com/blog/esp32_non-backdoor/ (mitre)
- flyingpenguin.com (mitre)
- github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf (mitre)
- news.ycombinator.com/item (mitre)
- news.ycombinator.com/item (mitre)
- reg.rootedcon.com/cfp/schedule/talk/5 (mitre)
- www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/ (mitre)
- www.bleepingcomputer.com/news/security/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices/ (mitre)
- www.espressif.com/en/news/Response_ESP32_Bluetooth (mitre)
- www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/ (mitre)
- x.com/pascal_gujer/status/1898442439704158276 (mitre)