Backdoor discovered in Espressif Bluetooth microcontroller

March 09, 2025

Researchers in Spain have identified hidden commands in a low-cost microcontroller from Espressif that is widely used across the Internet of Things (IoT). The team at Tarlogic Innovation in Madrid has presented research revealing undocumented commands in the ESP32 integrated Bluetooth microcontroller from Chinese chip designer Espressif, a part that is present in millions of smart devices. The controller uses either the configurable Tensilica LX7 core from Cadence Design Systems or a RISC-V core with an extended instruction set architecture designed in-house.

However, this comes a day after Espressif announced that its ESP32-C6 microcontroller has achieved PSA Certified Level 2 (PSA-L2) security certification. This makes the ESP32-C6 the first RISC-V-based product to attain this level of security certification, and the certified protections could reduce exposure to the hidden commands. Espressif said this underscores its commitment to delivering robust, secure, and reliable IoT solutions, but it hasn’t commented on the Tarlogic research.

Achieving PSA Level 2 certification signifies that the ESP32-C6’s PSA Root of Trust (PSA-RoT) has undergone laboratory evaluation, demonstrating its resilience against scalable software attacks and potentially protecting against the use of the hidden commands for unauthorized software. “Achieving PSA-L2 certification for the ESP32-C6 underscores our unwavering commitment to providing affordable security, making advanced protection more accessible to developers and businesses alike,” said Teo Swee Ann, Founder and CEO of Espressif Systems. “With evolving global regulations, our platform is designed to help customers navigate these requirements while delivering secure, reliable, and future-proof products.”

The team at Tarlogic initially said these commands could be used as a backdoor in existing ESP32 devices out in the field and that exploitation of this hidden functionality would allow hostile actors to conduct impersonation attacks. This could be used to permanently infect sensitive devices such as mobile phones, computers, smart locks, or medical equipment by bypassing code audit controls.

“We would like to clarify that it is more appropriate to refer to the presence of proprietary HCI commands—which allow operations such as reading and modifying memory in the ESP32 controller—as a ‘hidden feature’ rather than a ‘backdoor,’” said the team in an update earlier today. “The use of these commands could facilitate supply chain attacks, the concealment of backdoors in the chipset, or the execution of more sophisticated attacks. Over the coming weeks, we will publish further technical details on this matter.”
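The proprietary commands Tarlogic describes are vendor-specific HCI commands, which the Bluetooth Core specification places in opcode group (OGF) 0x3F. As an added example, not code from the article or from Tarlogic, the parser below walks an H4-framed HCI command stream and flags every vendor-specific opcode, which is what an auditor would want to surface when reviewing traffic between a host and an ESP32 controller. The capture bytes and the vendor opcode 0xFC10 are constructed for illustration and are not taken from the research.

```python
# Added example: flag vendor-specific (OGF 0x3F) Bluetooth HCI commands in an
# H4 (UART transport) command stream. Sample data is constructed, not captured.
import struct
from dataclasses import dataclass
from typing import List

HCI_COMMAND_PKT = 0x01       # H4 packet indicator for an HCI command packet
OGF_VENDOR_SPECIFIC = 0x3F   # Opcode group reserved for vendor-specific commands


@dataclass
class HciCommand:
    opcode: int
    ogf: int
    ocf: int
    params: bytes

    @property
    def is_vendor_specific(self) -> bool:
        return self.ogf == OGF_VENDOR_SPECIFIC


def parse_h4_commands(stream: bytes) -> List[HciCommand]:
    """Return every HCI command in an H4 stream; fail loudly on anything malformed."""
    cmds, pos = [], 0
    while pos < len(stream):
        if stream[pos] != HCI_COMMAND_PKT:
            raise ValueError(f"unexpected packet indicator 0x{stream[pos]:02x} at {pos}")
        if pos + 4 > len(stream):
            raise ValueError("truncated HCI command header")
        # Header after the indicator: opcode (u16 little-endian), parameter length (u8)
        opcode, plen = struct.unpack_from("<HB", stream, pos + 1)
        params = stream[pos + 4: pos + 4 + plen]
        if len(params) != plen:
            raise ValueError("truncated HCI command parameters")
        cmds.append(HciCommand(opcode, opcode >> 10, opcode & 0x3FF, params))
        pos += 4 + plen
    return cmds


def vendor_commands(stream: bytes) -> List[str]:
    """Audit helper: readable summary of each vendor-specific opcode seen on the link."""
    return [f"0x{c.opcode:04x} (OCF 0x{c.ocf:03x}, {len(c.params)} param bytes)"
            for c in parse_h4_commands(stream) if c.is_vendor_specific]


# Constructed capture: HCI_Reset (0x0C03), a made-up vendor command 0xFC10 with
# four parameter bytes, then HCI_Read_BD_ADDR (0x1009).
SAMPLE = bytes([0x01, 0x03, 0x0C, 0x00,
                0x01, 0x10, 0xFC, 0x04, 0xAA, 0xBB, 0xCC, 0xDD,
                0x01, 0x09, 0x10, 0x00])

if __name__ == "__main__":
    for line in vendor_commands(SAMPLE):
        print("vendor-specific HCI command:", line)
```

Standard commands pass through silently; only the constructed 0xFC10 entry is reported, so the same routine can be pointed at a real btsnoop-derived command stream to inventory which proprietary commands a host stack actually issues.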

The company presented the research at RootedCON, the world’s largest Spanish-language cybersecurity conference. The research relies on BluetoothUSB, a free tool developed by Tarlogic that enables the development of tests for Bluetooth security audits regardless of the operating system of the devices. The researchers reviewed multiple Bluetooth devices using their methodology, which systematizes the performance of Bluetooth security audits. This review uncovered the hidden commands, which allow modification of the chips to unlock additional functionality, inject malicious code, or carry out device impersonation attacks.

This could allow malicious actors to impersonate known devices to connect to mobile phones, computers, and smart devices, even if they are in offline mode. The PSA Level 2 certification validates resistance to software attacks and protection of critical assets with Physical Memory Protection (PMP) and Access Permission Management (APM). The PMP and the APM in the ESP32-C6 enforce hardware-based access control, ensuring secure memory isolation and privilege separation.

A Digital Signature Peripheral enables secure cryptographic operations by generating digital signatures in hardware, ensuring that private keys remain protected and never exposed to software, thereby preventing unauthorized firmware modifications and tampering. Secure Boot ensures that only authenticated firmware can be executed, preventing unauthorized code modifications, while encryption of the flash memory protects stored data from unauthorized access by encrypting the contents of external flash memory.

As a PSA Level 2 certified device, the ESP32-C6 adheres to the Security Model defined by PSA Certified. At the core of this Security Model is the ESP-TEE, which is anchored in immutable hardware and functions as the Platform Root of Trust. ESP-TEE provides hardware-enforced isolation, ensuring that trusted applications run in a protected environment, shielded from potential threats in the non-secure domain. This enhances security for critical operations such as cryptographic key management, secure boot verification, and firmware updates.