Minut · Minut M2 · CVE-2024-44754
**Name of the Vulnerable Software and Affected Versions**
Minut M2 version #15142
**Description**
The issue allows physically proximate attackers to extract cryptographic keys from the internal flash of Minut M2 devices with the specified firmware version. This can be used to inject modified firmware into other Minut M2 products via USB.
**Recommendations**
For Minut M2 version #15142, consider restricting physical access to the device and avoiding the use of USB connections from untrusted sources until a fix is available. As a temporary workaround, restrict access to the device's internal flash to minimize the risk of exploitation.