Public Key Re-Use for Signing both Debug and Production Code

Status: Draft
Abstraction: Base
Structure: Simple
Description

This vulnerability occurs when the same cryptographic key is used to sign both development/debug software builds and final production releases. This insecure practice allows debug versions, which often contain powerful diagnostic features, to be validated and run on live production systems.

Extended Description

Using a single key pair to sign both debug and production code, so that one public key verifies both, creates a critical security gap. Debug builds typically include backdoors, verbose logging, and privileged hardware access to aid developers. If an attacker obtains a leaked debug image, they can install it on production hardware, bypassing security controls and gaining deep system access. The core failure is the absence of a distinct, protected root of trust for the final shipped product. To prevent this, always use separate, dedicated signing keys for development and production environments. The production key must be stored with higher security and never used to sign debug builds. A leaked debug image then fails verification on production devices, limiting the impact to intellectual property exposure. Managing distinct cryptographic keys across complex build pipelines is challenging; an ASPM like Plexicus can help automate the detection of key reuse and track remediation of these flaws across your entire software supply chain.

Common Consequences
Scope: Confidentiality, Integrity, Availability, Access Control, Accountability, Authentication, Authorization, Non-Repudiation, Other

Impact: Read Memory; Modify Memory; Execute Unauthorized Code or Commands; Gain Privileges or Assume Identity; Varies by Context

Detection Methods
Architecture or Design Review (Effectiveness: High)
Compare the debug key with the production key to make sure that they are not the same.
Dynamic Analysis with Manual Results Interpretation (Effectiveness: High)
Compare the debug key with the production key to make sure that they are not the same.
Potential Mitigations
Phase: Implementation
Use different keys for Production and Debug.
Demonstrative Examples
This example illustrates the danger of using the same public key for debug and production.

Example (Bad; Language: Other):

Suppose the product design requires frugality of silicon real estate. Assume that originally the architecture allows just enough storage for two 2048-bit RSA keys in the fuse: one to be used for debug and the other for production. However, in the meantime, a business decision is taken to make the security future-proof beyond 2030, which means the architecture needs to use the NIST-recommended 3072-bit keys instead of the originally-planned 2048-bit keys. This means that, at most, one key can be fully stored in the fuses, not two. So the product design team decides to use the same public key for debug and production.

Example (Informative; Language: Other):

Increase the storage so that two different keys of the required size can be stored.
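The scenario above worked through in code: this is an added Go example, not part of the CWE entry or of the Plexicus page, that models a production device whose only trust anchor is the public key in its fuses, then signs one constructed debug image first with the shared production key (the flawed design) and then with a dedicated debug key (the mitigation). The 2048-bit RSA keys, the function names and the sample payload are assumptions made for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// Sign produces an RSA PKCS#1 v1.5 signature over SHA-256(image) using
// whichever private key the build pipeline holds for this build type.
func Sign(key *rsa.PrivateKey, image []byte) ([]byte, error) {
	d := sha256.Sum256(image)
	return rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, d[:])
}

// VerifyForProduction models a production device's boot ROM: the one public key
// in its fuses is the only trust anchor, so that key alone decides what boots.
func VerifyForProduction(fusedKey *rsa.PublicKey, image, sig []byte) bool {
	d := sha256.Sum256(image)
	return rsa.VerifyPKCS1v15(fusedKey, crypto.SHA256, d[:], sig) == nil
}

// RunScenario signs one constructed debug build under the CWE-1291 design (one
// key for everything) and then with a dedicated debug key the fuses never hold.
func RunScenario() (bootsWithSharedKey, bootsWithSeparateKeys bool, err error) {
	prodKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	debugKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	debugImage := []byte("debug build: diagnostic shell enabled") // constructed sample
	// Vulnerable design: the production key also signs debug builds.
	sig, err := Sign(prodKey, debugImage)
	if err != nil {
		return
	}
	bootsWithSharedKey = VerifyForProduction(&prodKey.PublicKey, debugImage, sig)
	// Mitigation: debug builds get a dedicated key, so the same leaked image
	// no longer verifies against the production fuses.
	sig, err = Sign(debugKey, debugImage)
	if err != nil {
		return
	}
	bootsWithSeparateKeys = VerifyForProduction(&prodKey.PublicKey, debugImage, sig)
	return
}
```

With a shared key the leaked debug image boots on the production device; with separate keys the same image is rejected, which is exactly the property the mitigation relies on.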

Applicable Platforms
Languages: Not Language-Specific (Prevalence: Undetermined)
Technologies: Not Technology-Specific (Prevalence: Undetermined)
Modes of Introduction
Phase: Implementation