Microcontroller Vulnerability in NVIDIA GPU and Tegra Hardware
CVE-2021-23219

4.1MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Gpu And Tegra Hardware
Vendor: CVE Published:; 20 November 2021

What is CVE-2021-23219?

NVIDIA GPU and Tegra hardware are impacted by a vulnerability in the internal microcontroller. This flaw potentially allows users with elevated privileges to identify, exploit, and load vulnerable microcode, leading to the unauthorized access of protected information. The implications of such an attack can result in information disclosure, which may compromise sensitive data handled by these devices.

Affected Version(s)

NVIDIA GPU and Tegra hardware Maxwell (except GM206), Tegra X1, Tegra X1+

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5263

x_refsource_CONFIRM

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2021
Vulnerability Reserved
Feb 9, 2021

Nvidia

What is CVE-2021-23219?

Affected Version(s)

References

CVSS V3.1

Timeline