CVE Identifier: CVE-2025-65396 Affected Hardware: Blurams Flare Camera Affected Firmware Version: 24.1114.151.929 and earlier Vulnerability Description: During the boot process, a physically proximate attacker can hijack the boot mechanism by inducing a read error from the SPI flash memory via shorting a data pin to ground. This provides access to the bootloader shell through the UART interface, enabling the dumping of the entire firmware. Information at Risk: Cryptographic keys and user configurations. Disclosure Timeline: - 23/09/2025: Initial contact with vendor. - 08/10/2025: Vulnerability report submitted to vendor. - 11/10/2025: Vulnerability confirmed by vendor. - 31/10/2025: Request for CVE ID. - 29/11/2025: CVE ID reserved. - 14/01/2026: Public disclosure.