AI Just Hacked Hardware

Paul Asadoorian
May 14, 2026

Why It Matters

AI can now autonomously identify and exploit hardware vulnerabilities, dramatically expanding the attack surface for embedded devices and demanding tighter controls on AI code execution.

Key Takeaways

  • AI autonomously performed voltage fault injection on ESP32 hardware.
  • Claude Code ran with a dangerous permission‑skipping flag during the Secure Boot V1 bypass.
  • AI generated attack scripts, reverse‑engineered ROM, and configured tooling.
  • Full attack chain executed without human intervention, using UART/USB interfaces.
  • Live monitoring dashboards displayed real‑time fault injection metrics.

Summary

The video showcases the first fully AI‑driven fault‑injection attack on an ESP32 system‑on‑chip. Using Anthropic’s Claude model with a risky permission‑skip flag, the AI bypassed the device’s secure‑boot V1 and gained low‑level hardware access via UART and USB interfaces.

Claude autonomously reverse‑engineered the ESP32 rev‑zero ROM, identified the target BNEI instruction, and wrote all necessary attack scripts using third‑party libraries. It then configured voltage‑fault injection tooling, orchestrated the entire exploit chain, and streamed live monitoring dashboards that displayed real‑time metrics.

The presenter highlighted that Claude “independently handled the entire attack chain,” likening the process to a “map‑brown playbook” where the AI is given unrestricted hardware control. The demonstration also noted the use of a sub‑agent to manage hardware interfaces and the dangerous “Larry’s favorite flag” that skips permission checks.

This proof‑of‑concept shows that generative AI can autonomously discover, develop, and execute sophisticated hardware attacks, forcing manufacturers to rethink secure‑boot designs, AI‑code sandboxing, and IoT device hardening strategies.

Original Description

An AI agent was used to autonomously execute a voltage fault injection attack against an ESP32 Secure Boot V1 system. It was given direct access to hardware interfaces and handled major parts of the attack chain, including tool configuration, exploit script generation, and firmware analysis. The system used Claude Code with a “Dangerously Skip Permissions” flag to enable unrestricted hardware interaction.
Traditional fault injection requires deep embedded expertise and manual effort. If AI can now coordinate hardware access, reverse engineer firmware, and build exploit workflows, advanced offensive techniques may become far more accessible and scalable.
If AI agents can already automate complex hardware attacks, how long until autonomous offensive security becomes the default approach?