CVE-2024-53832

CVSS 3.1 Score 4.6 of 10 (medium)

Details

Published Dec 10, 2024
CWE ID 522

Summary

CVE-2024-53832 refers to a vulnerability affecting all versions of CPCI85 Central Processing/Communication units prior to V05.30. The issue lies in the unencrypted SPI bus connecting the secure element, making it susceptible to physical attacks. An attacker with access to the SPI bus can observe the secure element authentication password, enabling them to decrypt all encrypted update files using the secure element as an oracle. This poses a significant risk to sensitive data and system integrity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share