CVE-2025-65396

Name of the Vulnerable Software and Affected Versions Blurams Flare Camera versions 24.1114.151.929 and earlier

Description A flaw exists in the boot process of the Blurams Flare Camera that allows a nearby attacker to take control of the boot mechanism and obtain a bootloader shell through the UART interface. This is accomplished by causing a read error from the SPI flash memory during boot by shorting a data pin of the IC to ground. Successful exploitation allows an attacker to extract the entire firmware, potentially exposing sensitive data like cryptographic keys and user settings.

Recommendations Versions prior to 24.1114.151.929 are vulnerable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.