CVE-2025-9709

Summary

On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allow attacker to perform EM Fault Injection and bypass APPROTECT at runtime, requiring the least amount of modification to the hardware system possible.

Affected Software

VendorProductVersion RangeStatus
Nordic SemiconductornRF528100affected

Weaknesses

  • CWE-1191: CWE-1191: On-Chip Debug and Test Interface With Improper Access Control
  • CWE-1319: CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI)
  • Runtime Hardware Protection Bypass

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References