tags: toctou, microcontroller, iot
original link: CVE-2024-28183 OTA Anti-Rollback Bypass via TOCTOU in ESP-IDF
newsletter link: exploits.club Weekly Newsletter 15


Exploits Club Summary:

A quick-hitter from elttam. The team bypassed the anti-rollback mechanism by leveraging a TOCTOU vulnerability: the second-stage bootloader performs its final anti-rollback check and only afterwards refetches the application image from flash, so an image that changes between the check and the refetch is booted without being rechecked. The rest of the post dives into setting up a test environment and crafting a PoC.
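The check/use gap described above, as an added example that is not code from the post or from ESP-IDF: a constructed model of a bootloader with a simulated flash slot, a simulated eFuse minimum version and an attacker hook that rewrites flash between the bootloader's two reads. The image format, field names and version numbers are assumptions made for the model; the vulnerable flow checks on one read and boots from a second, while the hardened flow validates and boots the same RAM copy.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Constructed image format: just enough to show the check/use gap.
 * This is NOT ESP-IDF's real image header layout. */
#define IMAGE_MAGIC 0xE9U

typedef struct {
    uint32_t magic;
    uint32_t security_version;   /* monotonic anti-rollback counter carried by the image */
    char     payload[16];        /* stands in for the application code */
} app_image_t;

/* Simulated external flash slot: the bootloader reads it, and so can the attacker. */
static app_image_t flash_app_slot;

/* Simulated eFuse: the lowest security version this device will still boot (assumed value). */
static uint32_t efuse_min_security_version = 5;

/* Hook standing in for an attacker who can rewrite flash at a chosen moment. NULL = no attacker. */
typedef void (*flash_tamper_fn)(void);

/* Simulated flash read into a caller-provided RAM buffer. */
static void flash_read_app(app_image_t *dst) { memcpy(dst, &flash_app_slot, sizeof *dst); }

static int security_version_ok(const app_image_t *img)
{
    return img->magic == IMAGE_MAGIC && img->security_version >= efuse_min_security_version;
}

/* Vulnerable flow: check the security version on one flash read, then refetch the image
 * from flash before jumping to it. Returns the security_version of the image that actually
 * boots, or 0 if boot is refused. */
uint32_t boot_check_then_refetch(flash_tamper_fn tamper)
{
    app_image_t hdr;
    flash_read_app(&hdr);                 /* time of check */
    if (!security_version_ok(&hdr))
        return 0;

    if (tamper) tamper();                 /* attacker window between check and use */

    app_image_t img;
    flash_read_app(&img);                 /* time of use: a second, unchecked read */
    return img.security_version;          /* "jump" to whatever flash holds now */
}

/* Hardened flow: read the image into RAM once, validate that copy, boot that copy.
 * Changes to flash after the single read no longer affect what runs. */
uint32_t boot_load_once(flash_tamper_fn tamper)
{
    app_image_t img;
    flash_read_app(&img);                 /* single read into RAM */
    if (!security_version_ok(&img))
        return 0;

    if (tamper) tamper();                 /* same attacker window, now harmless */

    return img.security_version;          /* boot the validated RAM copy */
}

/* Attacker: replace the slot with an old image (security_version 3 < eFuse minimum 5). */
static void swap_in_old_image(void)
{
    app_image_t old = { IMAGE_MAGIC, 3, "old vulnerable" };
    flash_app_slot = old;
}

/* Stage a current image (security_version 7) in the slot before each run. */
void stage_current_image(void)
{
    app_image_t cur = { IMAGE_MAGIC, 7, "current" };
    flash_app_slot = cur;
}

/* Returns 1 if the given boot flow ends up booting an image older than the eFuse minimum. */
int rollback_succeeds(uint32_t (*boot)(flash_tamper_fn))
{
    stage_current_image();
    uint32_t booted = boot(swap_in_old_image);
    return booted != 0 && booted < efuse_min_security_version;
}

int main(void)
{
    printf("check-then-refetch: rollback %s\n",
           rollback_succeeds(boot_check_then_refetch) ? "SUCCEEDS" : "blocked");
    printf("load-once:          rollback %s\n",
           rollback_succeeds(boot_load_once) ? "SUCCEEDS" : "blocked");
    return 0;
}
```

On a real part the application executes in place from flash rather than from a RAM copy, so the model's "boot the RAM copy" translates to validating the exact bytes that will be executed and not re-reading flash after the decision; the ESP-IDF fix itself is not reproduced here.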