Security Flaw in Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 Devices
CVE-2024-25077
Currently unrated
What is CVE-2024-25077?
A security flaw exists in the Renesas SmartBond line of devices where the nonce used for on-the-fly decryption of flash images is stored in an unsigned header. This allows an attacker to modify the nonce without affecting the associated secure boot image signature. Due to the encryption mechanism utilizing AES in CTR mode without proper authentication, this modification can permit the execution of arbitrary code, thereby threatening the integrity and security of the affected devices.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.