CVE-2025-26408

Summary

The JTAG interface of Wattsense Bridge devices can be accessed with physical access to the PCB. After connecting to the interface, full access to the device is possible. This enables an attacker to extract information, modify and debug the device's firmware. All known versions are affected.

Affected Software

VendorProductVersion RangeStatus
WattsenseWattsense Bridge*affected

Weaknesses

  • CWE-1191: CWE-1191 On-Chip Debug and Test Interface With Improper Access Control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References