CVE-2024-25076 – An issue was discovered on Renesas SmartBond DA146

CVE ID : CVE-2024-25076

Published : July 10, 2024, 8:15 p.m. | 1 hour, 6 minutes ago

Description : An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The bootrom function responsible for validating the Flash Product Header directly uses a user-controllable size value (Length of Flash Config Section) to control a read from the QSPI device into a fixed sized buffer, resulting in a buffer overflow and execution of arbitrary code.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-25076

Published : July 10, 2024, 8:15 p.m. | 1 hour, 6 minutes ago

Description : An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The bootrom function responsible for validating the Flash Product Header directly uses a user-controllable size value (Length of Flash Config Section) to control a read from the QSPI device into a fixed sized buffer, resulting in a buffer overflow and execution of arbitrary code.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…