Bluetooth chip flaw risks a billion devices worldwide

A security flaw in the ESPC32 Bluetooth chip, used in billions of devices, allows unauthorized remote access and data extraction. Researchers at Tarlogic discovered undocumented commands that could enable malicious activities. The ESPC32 chip, made by the Chinese company Espressif, is popular due to its low cost of about $2. It is commonly found in many Internet of Things (IoT) devices worldwide. Tarlogic initially referred to the issue as a "backdoor" but later clarified it as a "hidden feature." This flaw could allow attackers to impersonate devices and access sensitive information.