Reports of undocumented Bluetooth HCI commands from ESP32 chips are doing the rounds. They open up a security flaw.