CVE-2026-5818

HIGH

MCU Firmware Update Authentication Bypass on Caliptra Core

Title source: cna
STIX 2.1

Description

Incorrect check of function return value in Caliptra Core Runtime Firmware (ActivateFirmwareCmd::activate_fw modules) allows bypass of Caliptra Core's verification of the MCU FW during a hitless update. This issue affects Core Runtime Firmware: from 2.0.0 through 2.0.1, 2.1.0.

Scores

CVSS v4 7.2
EPSS 0.0015
EPSS Percentile 5.1%
CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-253
Status published
Products (4)
Caliptra/Core Runtime Firmware 2.0.0 - 2.0.1
Caliptra/Core Runtime Firmware 2.0.2
Caliptra/Core Runtime Firmware 2.1.0
Caliptra/Core Runtime Firmware 2.1.1
Published Jun 24, 2026
Tracked Since Jun 24, 2026