CVE-2021-1111

CVSS 6.7 MEDIUMEPSS 0.3%CWE-119

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.7EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

11 Aug 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

Affected products

NVIDIA · NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5216