looks like it’s happened again, C’mon Ekspresif 
The researchers had found, the presentation explains, a series of undocumented commands in the ESP32’s Bluetooth radio hardware which they said enable “modifying the chip arbitrarily to unlock additional functionalities, infecting these chips with malicious code, and even carrying out attacks of identity theft of devices.”
Espressif’s ESP32 microcontrollers have been hit by claims of a security backdoor, " but your IoT gadgets are still safe from attack."
Read the Whole Article here, pretty good by ALL3DP and Gareth Halfacree
Published Mar 10, 2025
Buyer beware, 
GL 
PJ 