Researchers Sean Cross and Andrew Huang demonstrated yesterday at the Chaos Communication Congress that they could write arbitrary code onto various flash-based SD memory cards. The hack could give attackers the ability to perform man-in-the-middle attacks on devices housing the cards, as well as give users access to an inexpensive source of powerful and programmable microcontrollers. The researchers examined Appotech s AX211 and AX215 products, which are generally soldered onto the mainboards of smartphones for the purpose of storing operating system and other private user data.
Source: https://threatpost.com/flash-memory-cards-contain-powerful-unsecured-microcontrollers/103366/