CVE-2024-53832
CVSS V2 None
CVSS V3 None
Description
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V05.30). The affected devices contain a secure element which is connected via an unencrypted SPI bus. This could allow an attacker with physical access to the SPI bus to observe the password used for the secure element authentication, and then use the secure element as an oracle to decrypt all encrypted update files.
Overview
- CVE ID
- CVE-2024-53832
- Assigner
- siemens
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-12-10T13:54:14.682Z
- Last Modified Date
- 2024-12-10T17:17:37.372Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/html/ssa-128393.html |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-53832 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53832 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-12-11 13:56:32 | Added to TrackCVE |