CVE-2024-53832
CVSS 3.1 Score 4.6 of 10 (medium)
Details
Published Dec 10, 2024
CWE ID 522
Summary
CVE-2024-53832 refers to a vulnerability affecting all versions of CPCI85 Central Processing/Communication units prior to V05.30. The issue lies in the unencrypted SPI bus connecting the secure element, making it susceptible to physical attacks. An attacker with access to the SPI bus can observe the secure element authentication password, enabling them to decrypt all encrypted update files using the secure element as an oracle. This poses a significant risk to sensitive data and system integrity.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share