Access Control Vulnerability in NVIDIA Android Images for T210
CVE-2021-34404

7.1HIGH

Key Information:

Vendor: Nvidia
Status: Shield Tv
Vendor: CVE Published:; 18 January 2022

Summary

NVIDIA's Android images for the T210 platform exhibit a vulnerability in the Boot ROM (BROM). This vulnerability arises from inadequate access control over the AHB-DMA interface when BROM fails. An unprivileged attacker with physical access to the device can exploit this vulnerability to cause a denial of service. Additionally, it poses risks to data integrity and confidentiality, allowing unauthorized actions that exceed the security measures provided by BROM.

Affected Version(s)

SHIELD TV All versions prior to SE 9.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5259

x_refsource_CONFIRM

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jan 18, 2022
Vulnerability Reserved
Jun 9, 2021