2 matches found
CVE-2024-25077
CVE-2024-25077 affects Renesas SmartBond DA14691/DA14695/DA14697/DA14699. The issue: the Nonce used for on-the-fly flash decryption is stored in an unsigned header, allowing modification without invalidating the secure-boot signature. The decryption engine uses AES in CTR mode without authenticat...
CVE-2024-25077
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The Nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without invalidating the signature used for secureboot image verification. Becau...