CVE-2025-9709 in nRF52810
Summary
by MITRE • 09/05/2025
On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allows an attacker to perform EM Fault Injection and bypass APPROTECT at runtime, requiring the least amount of modification to the hardware system possible.
Analysis
by VulDB Data Team • 09/05/2025
CVE-2025-9709 affects the Nordic Semiconductor nRF52810 microcontroller. The weakness lies in the on-chip debug and test interface (the SWD debug port, which APPROTECT is meant to lock): the access-control logic that decides whether a debugger may attach is not protected against electromagnetic fault injection, so a transient EM pulse delivered to the package can disturb that decision while the device is running. Because the flaw is in the silicon rather than in firmware, it is present regardless of the application loaded on the chip and cannot be closed by a firmware update alone.
APPROTECT (access port protection) is the mechanism that is supposed to block debugger access to flash, RAM and the programming interface once it has been enabled in the device's configuration. The attack does not change that setting; it targets the runtime evaluation of it, using an EM pulse to disrupt the protection logic so that the debug port is left accessible even though APPROTECT is enabled. Unlike voltage glitching, which typically requires the attacker to modify the board (cutting a supply trace or removing decoupling capacitors), EM-FI only needs a small injection coil positioned over the package. That is what the description means by "the least amount of modification to the hardware system possible": the attacker still needs the board in hand, but does not need to alter it.
Operationally, the impact is that of any debug-port unlock: with APPROTECT bypassed, an attacker who has the device in a lab can attach a debugger, dump flash and RAM, extract keys and credentials, reflash modified firmware, or disable other security features. This matters wherever the nRF52810 is deployed in products that are left in the field or can simply be bought and opened, such as IoT devices, medical equipment, automotive components and industrial control equipment. The low equipment cost and the absence of board modification make the attack accessible to a moderately skilled adversary, and a single successful extraction can compromise an entire fleet if devices share keys or if the firmware itself is the asset being protected. EM-FI is a close-physical-access technique: the probe has to sit over or right next to the package, so it is not remotely exploitable, but because nothing is desoldered or cut it leaves few physical traces, and conventional physical security controls only help if they keep the attacker from obtaining a unit in the first place.
Mitigation for CVE-2025-9709 has to start from the fact that the root cause is in the chip's debug-access logic: no firmware update removes it, so affected products should be designed on the assumption that a determined attacker can read and rewrite flash. Practical defense in depth includes not storing long-lived secrets in plaintext in on-chip flash, provisioning per-device keys so that extraction from one unit does not compromise others, making firmware-enforced decisions (secure-boot verification, unlock or service-mode checks) glitch-tolerant through redundant checks rather than a single compare, and using tamper-evident or potted enclosures that make probe placement harder and leave evidence. Back-end monitoring for cloned identities or unexpected firmware versions is a more realistic detection control for a small MCU than on-device intrusion detection. On the silicon side, the fix belongs to the vendor: glitch detectors and redundant, latched evaluation of the protection setting so that a single transient cannot open the port. The two weakness names in the description correspond to CWE-1191 (On-Chip Debug and Test Interface With Improper Access Control) and CWE-1319 (Improper Protection against Electromagnetic Fault Injection (EM-FI)); the cryptographic categories CWE-310 and CWE-311 do not describe this flaw, and the ATT&CK Enterprise techniques T1059 (Command and Scripting Interpreter) and T1552 (Unsecured Credentials) describe post-compromise software behaviour, not a physical fault attack on the debug port, so they should not be used to classify it.
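The "redundant checks rather than a single compare" advice above is easier to see in code. The following is an added illustration, not Nordic's code and not a fix for the hardware flaw itself (the debug-port logic is in silicon); it shows the pattern for the firmware-enforced decisions that sit behind the debug port. A fault injector usually corrupts one register value or skips one instruction, so a decision hinging on a single boolean fails open under a single fault. Spreading the decision over Hamming-distant constants and several compares forces the attacker to land multiple precise faults. The constants, the fault model (single bit flip, forced 0/0xFFFFFFFF, single skipped compare) and the function names are all assumptions made for the example.

```c
/* Added example: glitch-tolerant decision pattern (not Nordic code).
 * Fault model (assumed): one register corruption or one skipped compare. */
#include <stdint.h>
#include <stdio.h>

/* Assumed sentinel values. They are bitwise complements, so every bit
 * differs: no single bit flip, and no forced all-zero / all-one value,
 * turns one into the other. */
#define PROTECT_ON   0xA5C3A5C3u
#define PROTECT_OFF  0x5A3C5A3Cu

typedef enum { ACCESS_DENIED = 0, ACCESS_GRANTED = 1 } access_t;

/* 'skip' is a bitmask of compares the simulated glitch removes
 * (bit 0 = first compare, bit 1 = second, bit 2 = third); 0 = no fault. */

/* Naive: one compare, and the default path grants. Any corruption of the
 * flag or one skipped branch fails open. */
access_t naive_decide(uint32_t flag, int skip) {
    if (!(skip & 1) && flag == PROTECT_ON)
        return ACCESS_DENIED;
    return ACCESS_GRANTED;
}

/* Hardened: the default path denies; access is granted only if the flag
 * equals the exact OFF constant in two independently computed compares,
 * and both reads agree. One skipped compare or one corrupted value still
 * ends in ACCESS_DENIED. */
access_t hardened_decide(uint32_t flag, int skip) {
    uint32_t a = flag;
    uint32_t b = flag;
    if (!(skip & 1) && a != PROTECT_OFF)
        return ACCESS_DENIED;
    if (!(skip & 2) && (b ^ 0xFFFFFFFFu) != (uint32_t)~PROTECT_OFF)
        return ACCESS_DENIED;
    if (!(skip & 4) && a != b)
        return ACCESS_DENIED;
    return ACCESS_GRANTED;
}

typedef access_t (*decide_fn)(uint32_t flag, int skip);

/* Run every single fault in the model against a device that is really
 * protected (flag == PROTECT_ON) and count how many yield ACCESS_GRANTED:
 * 32 single bit flips, flag forced to 0, flag forced to 0xFFFFFFFF,
 * and each of the three compares skipped on its own (37 trials). */
int count_single_fault_bypasses(decide_fn decide) {
    int bypasses = 0;
    for (int bit = 0; bit < 32; bit++)
        if (decide(PROTECT_ON ^ (1u << bit), 0) == ACCESS_GRANTED) bypasses++;
    if (decide(0u, 0) == ACCESS_GRANTED) bypasses++;
    if (decide(0xFFFFFFFFu, 0) == ACCESS_GRANTED) bypasses++;
    for (int skip = 1; skip <= 4; skip <<= 1)
        if (decide(PROTECT_ON, skip) == ACCESS_GRANTED) bypasses++;
    return bypasses;
}

int main(void) {
    printf("naive:    %d of 37 single faults bypass\n",
           count_single_fault_bypasses(naive_decide));
    printf("hardened: %d of 37 single faults bypass\n",
           count_single_fault_bypasses(hardened_decide));
    /* Two simultaneous skips (compares 1 and 2) do defeat the hardened
     * version: the pattern raises the number of faults needed, it does
     * not make the decision unglitchable. */
    printf("hardened, two skips: %s\n",
           hardened_decide(PROTECT_ON, 0x3) == ACCESS_GRANTED ? "bypass" : "denied");
    return 0;
}
```

On a real target the flag must be read through a volatile pointer and the generated assembly inspected, because an optimizer will happily merge the redundant compares back into one; the simulation above deliberately keeps them separate so the single-fault counts can be computed.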