Can one re-program a Leonardo Eth via its Ethernet port only?

Question 1

Let's assume we have an Arduino Leonardo Eth running some sort of networking application, perhaps a very simple web server. Importantly the server is read only and static HTML. There is no ability to submit forms. And it has the standard boot loader.

Can hackers go in through the wired Ethernet connection (only) and re-program it? I ask as e.g. the ESP chips can be, and so can Raspberries as they run a full TCP stack & OS.

Question 2

The Leonardo Eth can not be re-programmed over the Ethernet port.

Arduino Leonardo ETH has the W5500 Ethernet chip wired over SPI to the ATmega32U4 MCU. The MCU is SPI master.

The network stack runs in the W5500 and is 'hardwired' in ROM. There is no firmware upgrade possibility over the network or even over the pins.

I guess your Arduino sketch communicates with the W5500 using the Ethernet library. This initiates the SPI communication and controls the W5500.

To replace the sketch/application in the Leonardo it is necessary to activate the bootloader, usually with a reset. The default bootloader on Leonardo only listens on USB, not on SPI.

While the ISP programming uses SPI pins and the W5500 is wired over SPI, the W5500 firmware has no code to do it.

Notes:

for Arduino Ethernet (Uno with a W5500) Arduino made a bootloader which allows to upload the sketch over Ethernet (link)
the Arduino Yun is an ATmega32U4 with a powerful Atheros AR9331 processor as a peripheral primarily for networking and storage. The Atheros CPU runs a version o Linux so it can be hacked.
here is my answer for similar question for Mega with an Espressif MCU as WiFi adapter

Question 3

Thanks. So in summary, a web page served from a Leonardo Eth is completely unhackable?

Question 4

@PaulUszak A persistent infection of the server side is not possible. That is not the same as saying the page is magically invulnerable to attack. At minimum you’re still vulnerable to DoS attacks on the network stack itself, and depending on what’s in the page clients viewing it may be vulnerable to other types of attacks.

Question 5

@AustinHemmelgarn It's infection that I was primarily concerned about. Thanks, I appreciate other types of attack :-)

Juraj ♦Juraj 18.3k4 gold badges31 silver badges49 bronze badges · Answer 1 · 2025-07-27 15:53:31Z

The Leonardo Eth can not be re-programmed over the Ethernet port.

Arduino Leonardo ETH has the W5500 Ethernet chip wired over SPI to the ATmega32U4 MCU. The MCU is SPI master.

The network stack runs in the W5500 and is 'hardwired' in ROM. There is no firmware upgrade possibility over the network or even over the pins.

I guess your Arduino sketch communicates with the W5500 using the Ethernet library. This initiates the SPI communication and controls the W5500.

To replace the sketch/application in the Leonardo it is necessary to activate the bootloader, usually with a reset. The default bootloader on Leonardo only listens on USB, not on SPI.

While the ISP programming uses SPI pins and the W5500 is wired over SPI, the W5500 firmware has no code to do it.

Notes:

for Arduino Ethernet (Uno with a W5500) Arduino made a bootloader which allows to upload the sketch over Ethernet (link)
the Arduino Yun is an ATmega32U4 with a powerful Atheros AR9331 processor as a peripheral primarily for networking and storage. The Atheros CPU runs a version o Linux so it can be hacked.
here is my answer for similar question for Mega with an Espressif MCU as WiFi adapter

Thanks. So in summary, a web page served from a Leonardo Eth is completely unhackable?
@PaulUszak A persistent infection of the server side is not possible. That is not the same as saying the page is magically invulnerable to attack. At minimum you’re still vulnerable to DoS attacks on the network stack itself, and depending on what’s in the page clients viewing it may be vulnerable to other types of attacks.
@AustinHemmelgarn It's infection that I was primarily concerned about. Thanks, I appreciate other types of attack :-)

Stack Exchange Network

Can one re-program a Leonardo Eth via its Ethernet port only?

1 Answer 1

Your Answer

Sign up or log in

Post as a guest

Post as a guest

Linked

Hot Network Questions

Can one re-program a Leonardo Eth via its Ethernet port only?

1 Answer 1

Your Answer

Sign up or log in

Post as a guest

Post as a guest

Linked

Related

Hot Network Questions