CVE-2024-44754

Name of the Vulnerable Software and Affected Versions Minut M2 version #15142

Description The issue allows physically proximate attackers to extract cryptographic keys from the internal flash of Minut M2 devices with the specified firmware version. This can be used to inject modified firmware into other Minut M2 products via USB.

Recommendations For Minut M2 version #15142, consider restricting physical access to the device and avoiding the use of USB connections from untrusted sources until a fix is available. As a temporary workaround, restrict access to the device's internal flash to minimize the risk of exploitation.