A potential security issue has been discovered by cybersecurity researchers that has the capability to affect more than one billion devices.
According to researchers at the cybersecurity firm Tarlogic,Uncategorized Archives a hidden command has been foundcoded into a bluetooth chip installed in devices around the world. This secret functionality can be weaponized by bad actors and, according to the researchers, used as an exploit into these devices.
Using these commands, hackers could impersonate a trusted device and then connect to smartphones, computers, and other devices in order to access information stored on them. Bad actors can continue to utilize their connection to the device to essentially spy on users.
The bluetooth chip is called ESP32 and is manufactured by the China-based company Espressif. According to researchers, the ESP32 is "a microcontroller that enables WiFi and Bluetooth connection." In 2023, Espressif reported that one billion units of its ESP32 chip had been sold globally. Millions of IoT devices like smart appliances utilize this particular ESP32 chip.
Tarlogic researchers say that this hidden command could be exploited, which would allow "hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls." Tarlogic says that these commands are not publicly documented by Espressif.
Researchers with Tarlogic developed a new Bluetooth driver tool in order to aid in Bluetooth-related security research, which enabled the security firm to discover a total of 29 hidden functionalities that could be exploited to impersonate known devices and access confidential information stored on a device.
According to Tarlogic, Espressif sells these bluetooth chips for roughly $2, which explains why so many devices utilize the component over higher costing options.
As BleepingComputerreports, the issue is being tracked as CVE-2025-27840.
Topics Bluetooth Cybersecurity
Norrie vs. Diallo 2025 livestream: Watch Madrid Open for free
Dude sneaks NSFW sign into live TV broadcast
Deep sea craft filmed unprecedented footage of a colossal squid
Here's the real data on Trump's Twitter followers (who are a bunch of eggs)
Study trains Port Jackson sharks to respond to jazz music
Belgian company implants microchip IDs in employees
People can't believe a supermarket is selling a single boxed strawberry for $22
Facebook to give employees more time to grieve
Every MCU movie villain ranked, from "Iron Man" to "Thunderbolts*"
Grandpa and baby's matching T
Adrien Brody wins Best Actor for 'The Brutalist' at the 2025 Oscars
4 small things successful people do to see big results
Christie Brinkley appears to defy gravity in 'Sports Illustrated' swimsuit issue
You can now get paid to shove chocolate into your face hole
NYT Strands hints, answers for May 2
This TV company was spying on you until it was called out
Mash up all your favourite 2000s tunes with this very addictive website
Powerful New Orleans tornado damages NASA's Michoud rocket factory
Comparing Team Communication Apps: What Do You Get for Free?
'Jane the Virgin' showrunner promises Jane will 'rise up' after tragic twist
Long Pregnant Summer: Kim, Kate, and Stella by Sarah Funke ButlerHappy Birthday, Julia by Sadie SteinSex on the Beach by M.J. MooreIn Case You Missed It... by Sadie SteinThe MyPillow guy tweeted his company's official Twitter account into a permanent banEmma Cline’s “Marion” by Lorin SteinAugust by Sadie SteinJohn Hollander, 1929–2013 by Sadie SteinHappy Birthday, Sara Teasdale by Sadie SteinThe Immortality Chronicles: Part One by Adam Leith GollnerWrench by Eric NeuenfeldtThe sun pelts itself with colossal 'shooting stars'How to sign up to ThreadsTo Be or Not To Be? And Other News by Sadie Stein'Insidious: The Red Door' review: A fine final chapter to close The FurtherIn the Ninth by Mark ChiusanoHell Is Other Gamers by Sadie SteinThe Weeknd's halftime show was full of bandaged dancers and the memes flooded inAnd Tremble by Sadie Stein'Pokémon Sleep' app launching in July What to do on Christmas Day when you don't even celebrate Christmas Souvenir by Lucy Sante Reddit down on December 11: Here's why. Part Love Letter, Part Cookbook by The Paris Review Three Sisters, Three Summers in the Greek Countryside by Karen Van Dyck I Am the Mother of This Eggshell by Sabrina Orah Mark On Excavation: The Paintings of Mark Bradford by John Vincler Watch porn with your partner. It could help your relationship. Whither The Golden Penetrators? by Dan Piepenbring NYT's The Mini crossword answers for December 10 Apple AirPods deal: $139 at Amazon David Berman, Slacker God by Erin Somers James Alan McPherson’s Powerful, Strangely Frightening Stories by Edward P. Jones How do porn stars squirt on camera? The Queer Crime That Launched the Beats by James Polchin Massive US emergency alert test message to be sent in October. What to know. Ncuti Gatwa shines in new 'Doctor Who' Disney+ trailer Google Nest Doorbell deal: $119.99 at Amazon On Wingspan: Joan Mitchell’s Reach by John Vincler [Update] This app sends Android texts as blue 'iMessage' bubbles
2.2206s , 10112.3203125 kb
Copyright © 2025 Powered by 【Uncategorized Archives】,Unobstructed Information Network