this post was submitted on 07 Feb 2026
169 points (97.7% liked)
Technology
80916 readers
3061 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Wasn’t there some kind of exploit found in ESP32s recently? Did that turn out to be nothing?
I’ve often wanted to get into them and that kind of intimidated me out of it at the time; haven’t had an opportunity to dive back in
Yes it was a overblown nothing.
I only one I know about https://socprime.com/blog/cve-2025-27840-vulnerability-in-esp32-bluetooth-chips/ which is a bluetooth thing, presumably meaning that you'd have to be in bluetooth range to exploit it.
My paranoid concern is that I'm going to buy these $2 ESP32 boards from some unknowable Chinese company, and how could I know if there's an extra, malicious supervisor element added. So, my ESP32 devices live in the 'untrusted' VLAN. They could, theoretically, discover each other and send their sensor data to some nefarious broker, but they don't have microphones or cameras. I don't even see how they could get enough information to discover my physical address, without cooperation from my ISP.