CVE-2026-24801 | THREATINT

Description

Vulnerability in Ralim IronOS (source/Core/BSP/Pinecilv2/bl_mcu_sdk/components/ble/ble_stack/common/tinycrypt/source modules). This vulnerability is associated with program files ecc_dsa.C. This issue affects IronOS: before v2.23-rc3.

PUBLISHED Reserved 2026-01-27 | Published 2026-01-27 | Updated 2026-01-27 | Assigner GovTech CSG

MEDIUM: 6.9CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/S:N/AU:N/R:U/V:C/RE:M/U:Red

Product status

Default status

affected

Any version before v2.23-rc3

affected

Credits

TITAN Team (titancaproject@gmail.com) reporter

References

github.com/Ralim/IronOS/pull/2087 patch

cve.org (CVE-2026-24801)

nvd.nist.gov (CVE-2026-24801)

Download JSON