Core Runtime Firmware
Monthly
Firmware verification bypass in Caliptra Core Runtime Firmware versions 2.0.0 through 2.0.1 and 2.1.0 allows an attacker with high privileges to load unverified MCU firmware during a hitless update. The flaw resides in the ActivateFirmwareCmd::activate_fw module, where an incorrect check of a function return value causes the Root-of-Trust to skip authentication of the Microcontroller Unit firmware image. No public exploit identified at time of analysis, and the issue was responsibly disclosed by the Caliptra project itself.
Broken GCM integrity in Caliptra Core Runtime Firmware 2.0.0-2.1.0 allows an adjacent, low-privileged attacker to silently tamper with ciphertext produced by the streaming AES-256-GCM API when called with empty AAD. The root defect - a missing save of the hardware GHASH accumulator state after the first streaming update call - causes the final authentication tag to exclude the first batch of processed ciphertext, nullifying the integrity guarantee of authenticated encryption for that block. No public exploit has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog.
Firmware verification bypass in Caliptra Core Runtime Firmware versions 2.0.0 through 2.0.1 and 2.1.0 allows an attacker with high privileges to load unverified MCU firmware during a hitless update. The flaw resides in the ActivateFirmwareCmd::activate_fw module, where an incorrect check of a function return value causes the Root-of-Trust to skip authentication of the Microcontroller Unit firmware image. No public exploit identified at time of analysis, and the issue was responsibly disclosed by the Caliptra project itself.
Broken GCM integrity in Caliptra Core Runtime Firmware 2.0.0-2.1.0 allows an adjacent, low-privileged attacker to silently tamper with ciphertext produced by the streaming AES-256-GCM API when called with empty AAD. The root defect - a missing save of the hardware GHASH accumulator state after the first streaming update call - causes the final authentication tag to exclude the first batch of processed ciphertext, nullifying the integrity guarantee of authenticated encryption for that block. No public exploit has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog.