PT-2024-20728 · Renesas · Renesas Smartbond

Chris Bellows · Published 2024-07-10 · Updated 2024-08-08 · CVE-2024-25077

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Renesas SmartBond versions DA14691, DA14695, DA14697, and DA14699

Description
An issue was discovered where the nonce used for on-the-fly decryption of flash images is stored in an unsigned header, allowing its value to be modified without invalidating the signature used for secure boot image verification. Because the encryption engine for on-the-fly decryption uses AES in CTR mode without authentication, an attacker-modified nonce can result in execution of arbitrary code.

Recommendations
For Renesas SmartBond versions DA14691, DA14695, DA14697, and DA14699, consider disabling the use of AES in CTR mode without authentication as a temporary workaround until a patch is available. Restrict access to the unsigned header to minimize the risk of exploitation. Avoid modifying the nonce value in the unsigned header until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
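The following is an added illustration, not Renesas code or part of the original advisory: a small model of the design weakness in the description, comparing a verifier whose signature omits the nonce with one whose signature covers it. Assumptions: SHA-256 stands in for the AES-CTR keystream, HMAC-SHA256 stands in for the secure boot signature, the weak layout signs only the ciphertext, and all names, keys and image bytes are constructed.

```python
import hashlib
import hmac

def ctr_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """CTR-style XOR. SHA-256(key|nonce|counter) stands in for AES here."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def sign(sig_key: bytes, *fields: bytes) -> bytes:
    """HMAC-SHA256 stands in for the secure boot signature."""
    mac = hmac.new(sig_key, digestmod=hashlib.sha256)
    for field in fields:
        mac.update(len(field).to_bytes(4, "big") + field)
    return mac.digest()

def covered_fields(image: dict, bind_nonce: bool) -> tuple:
    # Assumption of this model: the weak layout signs only the ciphertext.
    if bind_nonce:
        return (image["nonce"], image["ciphertext"])
    return (image["ciphertext"],)

def build_image(enc_key, sig_key, nonce, firmware, bind_nonce):
    image = {"nonce": nonce, "ciphertext": ctr_xor(enc_key, nonce, firmware)}
    image["sig"] = sign(sig_key, *covered_fields(image, bind_nonce))
    return image

def boot(enc_key, sig_key, image, bind_nonce):
    """Return the bytes that would execute, or None if verification fails."""
    expected = sign(sig_key, *covered_fields(image, bind_nonce))
    if not hmac.compare_digest(expected, image["sig"]):
        return None
    return ctr_xor(enc_key, image["nonce"], image["ciphertext"])

def demo():
    enc_key, sig_key = b"E" * 16, b"S" * 32           # constructed keys
    firmware = b"constructed firmware image bytes"    # constructed plaintext
    outcome = {}
    for bind_nonce in (False, True):
        image = build_image(enc_key, sig_key, bytes(8), firmware, bind_nonce)
        clean = boot(enc_key, sig_key, image, bind_nonce)
        image["nonce"] = b"\x01" * 8                  # header changed after signing
        outcome[bind_nonce] = (clean, boot(enc_key, sig_key, image, bind_nonce))
    return firmware, outcome

if __name__ == "__main__":
    print(demo())
```

With the nonce outside the signed data, the altered image still verifies and decrypts to bytes the signer never approved; with the nonce covered, verification fails and nothing is decrypted.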

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2024-25077

Affected Products

Renesas Smartbond