So, the tl;dr is that an attacker can gain access to the ESP32, not the device that connects to the ESP itself. I don't know how Bluetooth pairing would behave when a device that once masqueraded as a light switch now advertises itself as a smart watch. I presume it would require further confirmation from the user. If that is the case, then the danger is when the ESP32 is used in a device that is already collecting sensitive information with an active Bluetooth stack, since that device can now be remotely hacked. But I will defer my judgement on this matter until after the PoC has been demonstrated (I can't find any demo of a proof-of-concept attack, just the same article copy-pasted multiple times on different sites).