Impact
A path traversal flaw exists in the tinycrypt library modules referenced by ecc_dsa.C within Ralim IronOS. The defect could allow an attacker to construct input that references files outside the intended directory, potentially exposing sensitive configuration files or allowing arbitrary file read. Although the description does not explicitly state a remote code execution vector, path traversal vulnerabilities are commonly leveraged to gain further footholds or to read executable binaries, which can lead to compromise. The vulnerability is specifically tied to the BLE stack component, indicating that the attack may occur through the device’s BLE interface or any middleware that processes BLE data.
Affected Systems
Ralim IronOS firmware versions prior to v2.23-rc3 are affected. Any deployment of these firmware releases inherits the path traversal defect in the tinycrypt layers, regardless of external modules or configurations. Users running older IronOS builds should verify the firmware version and consider upgrading to avoid the disclosed weakness.
Risk and Exploitability
The CVSS v3.1 base score of 6.9 denotes a moderate severity defect. The EPSS score of less than 1% indicates a very low probability of exploitation at the time of this assessment, and the vulnerability is not listed in the CISA KEV catalog. The most likely attack surface involves the device’s BLE interface or associated management services, where crafted inputs could trigger the path traversal. The impact is confined to information disclosure or file access, but it could serve as a step toward a broader compromise depending on the system’s configuration and the sensitivity of the exposed files.
OpenCVE Enrichment