Espressif ESP32: Glitching The OTP Data Transfer
Modern System-on-Chips (SoCs) include security critical features which are often configured securely …
Read moreLatest Posts
Espressif ESP32: Breaking HW AES with Electromagnetic …
In our previous blog post, we’ve shown how we extracted the secret key from the ESP32’s …
Read moreEspressif ESP32: Breaking HW AES with Power Analysis
Side Channel Analysis (SCA) attacks are commonly used for extracting the secret key of cryptographic …
Read moreVulnerable tzdemuxerservice TA on Samsung TVs (J-series)
We often analyze the security of devices that implement a Trusted Execution Environment (TEE) and …
Read moreQualcomm IPQ40xx: Achieving QSEE Code Execution
In this post we finally dive into our approach for exploiting the vulnerabilities we’ve …
Read moreQualcomm IPQ40xx: Breaking into QSEE using Fault Injection
We’ve identified multiple critical software vulnerabilities in QSEE, Qualcomm’s Trusted …
Read more