CVE-2025-48468
Open JTAG Debug Port
In short
A JTAG debug port is left open and unprotected on the device. An attacker with physical access can use this port to inject or change the device's firmware, potentially taking complete control of it.
Technical detail
The JTAG interface lacks authentication or access controls, allowing an attacker with physical proximity to the device to read, modify, or inject firmware through the debug port. This requires physical access but can result in persistent compromise of the device's integrity and functionality.
Summary generated and translated by AI from the official description.
Successful exploitation of the vulnerability could allow an attacker that has physical access to interface with JTAG to inject or modify firmware.
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Advantech · Advantech Wireless Sensing and Equipment (WISE)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →