Nordic Semiconductor nRF52810 On-Chip Debug Interface Improper Access Control Vulnerability Allowing Electromagnetic Fault Injection

Vulnerability

A vulnerability has been identified in the on-chip debug and test interface of Nordic Semiconductor nRF52810 devices prior to 2020-10-19. It arises from improper access control and inadequate protection against electromagnetic fault injection (EM-FI). Exploiting it allows an attacker to perform EM fault injection that bypasses the flash read-out protection (APPROTECT) at runtime with minimal hardware modification.

Impact

Exploitation of this vulnerability allows electromagnetic fault injection that corrupts instructions, bypassing software-based countermeasures and giving the attacker control over the program counter, which leads to arbitrary code execution. This has been demonstrated on the ARM32 architecture, including on devices running Linux.

Reproduction

The vulnerability can be reproduced by injecting electromagnetic faults into the nRF52810 chip's debug interface while the device is powered on. This can be done using specialized equipment that generates electromagnetic signals, targeting the chip's response to normal operational commands. The injected faults can disrupt the execution of instructions, particularly during data transfers that are under the attacker's control, such as via the USB interface. This manipulation can be timed to hijack the program counter, redirecting execution to arbitrary code.

Added: Sep 5, 2025, 7:24 PM
Updated: Sep 5, 2025, 7:24 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 3.6
remediation: 0.0
relevance: 0.4
threat: 1.6
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.