Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Breaking Espressif's ESP32 V3: Program Counter Control with Computed Values Using Fault Injection

USENIX via YouTube

Overview

Watch a 21-minute conference talk from USENIX WOOT '24 demonstrating the first successful fault injection attack that bypasses security features on the Espressif ESP32 V3 microcontroller. Learn how researchers from the Technology Innovation Institute and Raelize managed to circumvent both Secure Boot and Flash Encryption protections using a single electromagnetic glitch. Discover the technical details of how they manipulated encrypted flash contents to modify a CRC value on the bootloader signature, enabling arbitrary code execution through Download Mode in ROM. Understand the implications of these hardware-level vulnerabilities that led to Security Advisory AR2023-005 and CVE-2023-35818, requiring a new hardware revision for remediation.

Syllabus

WOOT '24 - Breaking Espressif’s ESP32 V3: Program Counter Control with Computed Values using...

Taught by

USENIX

Reviews

Start your review of Breaking Espressif's ESP32 V3: Program Counter Control with Computed Values Using Fault Injection

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.