CVE-2025-26408
6.1
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device's firmware. All known versions are affected.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Wattsense | Wattsense Bridge | * | affected |
Weaknesses
- CWE-1191: CWE-1191 On-Chip Debug and Test Interface With Improper Access Control
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
- https://r.sec-consult.com/wattsense
- https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.