Vulnerability in Caliptra Core Runtime Firmware

CVE-2026-5818

Incorrect check of function return value in Caliptra Core Runtime Firmware (ActivateFirmwareCmd::activate_fw modules) allows bypass of Caliptra Core's verification of the MCU FW during a hitless update. This issue affects Core Runtime Fir…

EPSS: 0.002 (5.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References