On-Chip Debug and Test Interface With Improper Access Control

CVE-2025-9709

High

8.6/10

Summary

On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allow attacker to perform EM Fault Injection and bypass APPROTECT at runtime, requiring the least amount of modification to the hardware system possible.

Attack Complexity: LOW
Attack Vector: PHYSICAL
User Interaction: NONE
Privileges Required: NONE

CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control

The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.

References

Advisory Timeline

Published Sep 05, 2025

On-Chip Debug and Test Interface With Improper Access Control

CVE-2025-9709

Summary

CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS