Impact
The flaw occurs when Caliptra Core Runtime Firmware incorrectly checks a function return value in the ActivateFirmwareCmd::activate_fw module. This oversight allows an attacker to bypass the Core’s verification of the MCU firmware during a hitless update, enabling replacement of legitimate firmware with malicious or tampered code. The weakness corresponds to CWE‑253, a failure to verify a critical return value, which directly undermines firmware integrity and authenticity.
Affected Systems
The vulnerability affects Caliptra’s Core Runtime Firmware versions 2.0.0 through 2.0.1 and 2.1.0.
Risk and Exploitability
Based on the description, it is inferred that the attacker must initiate a firmware update to exploit the flaw, implying that local or privileged network access to the update interface is required. The CVSS score of 7.2 places the issue in the high severity range, while the EPSS score is unavailable and the vulnerability is not listed in CISA KEV. Once the update process is compromised, an attacker can inject malicious firmware, gaining persistent control over the device.
OpenCVE Enrichment