CVE-2026-5818
Received - Intake
Incorrect return value check in Caliptra Core Runtime Firmware allows MCU firmware bypass

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: b01ddd03-5ef6-483b-b2c5-acba77f1a554

Description
Incorrect check of function return value in Caliptra Core Runtime Firmware (ActivateFirmwareCmd::activate_fw modules) allows bypass of Caliptra Core's verification of the MCU FW during a hitless update. This issue affects Core Runtime Firmware: from 2.0.0 through 2.0.1, 2.1.0.
Meta Information
Published: 2026-06-24
Last Modified: 2026-06-24
Generated: 2026-06-24
AI Q&A: 2026-06-24
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 4 associated CPEs

Vendor          Product         Version / Range
chipsalliance   caliptra_core   From 2.0.0 (inc) to 2.0.1 (inc)
chipsalliance   caliptra_core   2.1.0
chipsalliance   caliptra_core   2.0.2
chipsalliance   caliptra_core   2.1.1

CWE ID    Description
CWE-253   The product incorrectly checks a return value from a function, which prevents it from detecting errors or exceptional conditions.

Executive Summary

CVE-2026-5818 is a high-severity vulnerability in Caliptra Core Runtime Firmware versions 2.0.0, 2.0.1, and 2.1.0. It arises from an incorrect check of a function's return value in the activate_firmware command, which leads to a time-of-check time-of-use (TOCTOU) issue. This flaw causes the firmware authorization check to be silently discarded, allowing unauthorized MCU firmware to be loaded and executed without detection.

The root cause is classified as CWE-253: the software incorrectly checks a function's return value and therefore fails to detect errors.

Impact Analysis

This vulnerability can lead to an authentication bypass during MCU firmware updates, allowing unauthorized firmware to be loaded and executed.

The impact includes high risks to system integrity and availability, potentially affecting both the vulnerable system and any subsequent systems that rely on it.

There is also a potential for confidentiality breaches in subsequent systems due to this flaw.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade the Caliptra Core Runtime Firmware to a patched version. The vulnerability affects versions 2.0.0, 2.0.1, and 2.1.0, and has been fixed in versions 2.0.2 and 2.1.1.

Compliance Impact

The vulnerability allows unauthorized MCU firmware to be loaded and executed without detection, leading to high integrity and availability risks to the affected system and potentially subsequent systems.

Such integrity and availability risks could impact compliance with standards and regulations like GDPR and HIPAA, which require maintaining the integrity and security of systems processing sensitive data.

However, there is no explicit information in the provided resources directly linking this vulnerability to specific compliance violations or regulatory impacts.
