CVE-2025-9709
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-05

Last updated on: 2025-09-08

Assigner: Toreon

Description
On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allow attacker to perform EM Fault Injection and bypass APPROTECT at runtime, requiring the least amount of modification to the hardware system possible.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-05
Last Modified
2025-09-08
Generated
2026-06-16
AI Q&A
2025-09-05
EPSS Evaluated
2026-06-14
NVD
CVE-2025-9709
EUVD
EUVD-2025-27018
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
nordic_semiconductor nrf52840 *
nordic_semiconductor nrf52810 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1191 The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.
CWE-1319 The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-9709 is a vulnerability in the Nordic Semiconductor nRF52810 chip's On-Chip Debug and Test Interface. It involves improper access control and insufficient protection against Electromagnetic Fault Injection (EM-FI). An attacker with physical access can use EM-FI to bypass the APPROTECT security feature at runtime with minimal hardware modification, potentially gaining unauthorized control over the device. [1]

Impact Analysis

This vulnerability allows attackers with physical access to the affected device to bypass security protections and gain unauthorized access to sensitive data or control of the device. This can lead to data breaches, device manipulation, and compromise of system integrity, posing significant security risks especially in environments relying on the affected chip. [1]

Mitigation Strategies

Immediate mitigation steps are not detailed in the provided resources. However, since the vulnerability involves electromagnetic fault injection (EM-FI) to bypass security protections on the Nordic Semiconductor nRF52810 chip, physical access to the device should be strictly controlled to prevent exploitation. Additionally, device manufacturers are encouraged to implement robust security measures in hardware design to protect against such attacks. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9709. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart