ESP8266 AND ESP32 WiFi Vulnerabilities Noted.
Espressif Security Advisory Concerning Fault Injection and Secure Boot.
Sep 3, 2019
An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest verification at startup and boot unverified code from flash. To protect devices with Flash Encryption and Secure Boot enabled against this attack, a firmware change must be made to permanently enable Flash Encryption in the field.
This issue has been found and disclosed to Espressif by two security analysts at Riscure, Yashin Mehaboobe and Santiago Cordoba Pellicer. It was also independently found and disclosed by LimitedResults. Espressif thanks both parties for responsibly disclosing this issue.
Recommendations for ESP32 Users
All existing users of Secure Boot and Flash Encryption on the ESP32 should upgrade ESP-IDF to version 3.0.9, 3.1.6, 3.2.3 or 3.3.1 as soon as these versions are available. These versions, and ESP-IDF v4.0 and newer, will contain a patch that permanently enables Flash Encryption when Secure Boot is used, preventing it from ever being temporarily disabled.
The updated app can be delivered to devices in the field via OTA and does not require any update of the ESP-IDF bootloader.
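The remediation described above, as an added illustration in plain C rather than Espressif's own code: it models the ESP32 eFuse word that controls Flash Encryption, classifies a device as off, on-but-togglable, or on-and-locked, and applies the lock that the patched ESP-IDF releases perform. The eFuse layout, the odd-bit-count rule and the WR_DIS bit used here are assumptions from my reading of the ESP32 reference manual, not from the advisory.

```c
#include <stdbool.h>
#include <stdint.h>

/* Assumed ESP32 eFuse BLK0 word-0 layout (from my reading of the ESP32 TRM,
 * not from the advisory): bits [15:0] WR_DIS, bits [26:20] FLASH_CRYPT_CNT.
 * Flash Encryption is active when FLASH_CRYPT_CNT has an odd number of bits
 * set, and WR_DIS bit 2 is assumed to write-protect FLASH_CRYPT_CNT. */
#define FLASH_CRYPT_CNT_SHIFT   20
#define FLASH_CRYPT_CNT_MASK    0x7Fu
#define WR_DIS_FLASH_CRYPT_CNT  (1u << 2)

typedef enum {
    FE_DISABLED,           /* Flash Encryption is off */
    FE_ENABLED_TOGGLABLE,  /* on, but the counter can still be burned to turn it off */
    FE_ENABLED_PERMANENT   /* on, and the counter is write-protected: the patched state */
} fe_state_t;

bool flash_encryption_active(uint32_t efuse_word0)
{
    uint32_t cnt = (efuse_word0 >> FLASH_CRYPT_CNT_SHIFT) & FLASH_CRYPT_CNT_MASK;
    unsigned ones = 0;
    for (; cnt != 0; cnt >>= 1)
        ones += cnt & 1u;
    return (ones & 1u) != 0;   /* odd number of set bits => encryption on */
}

fe_state_t classify_flash_encryption(uint32_t efuse_word0)
{
    if (!flash_encryption_active(efuse_word0))
        return FE_DISABLED;
    if (efuse_word0 & WR_DIS_FLASH_CRYPT_CNT)
        return FE_ENABLED_PERMANENT;
    return FE_ENABLED_TOGGLABLE;
}

/* Burn the write-disable bit so FLASH_CRYPT_CNT can never change again.
 * eFuses only go 0 -> 1, so this only sets bits, and it refuses to lock a
 * device whose encryption is still off (that would freeze it unencrypted). */
uint32_t make_flash_encryption_permanent(uint32_t efuse_word0)
{
    if (!flash_encryption_active(efuse_word0))
        return efuse_word0;
    return efuse_word0 | WR_DIS_FLASH_CRYPT_CNT;
}
```

On real hardware the word would be read from the eFuse controller and the lock burned through the ESP-IDF eFuse API; the model only shows the decision logic.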
There is certainly no need to worry, but if you have any mission-critical systems running on an ESP8266 or ESP32 you need to be aware of this.