VAR-201805-0894
Vulnerability from variot - Updated: 2023-12-18 13:52Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code. BootROM Recovery Mode (RCM) Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NVIDIA Tegramobileprocessors is a central processing unit from NVIDIA. BootROMRecoveryMode (RCM) is one of the engineering mode components that can modify the data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0894",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tegra bootrom rcm",
"scope": "eq",
"trust": 1.6,
"vendor": "nvidia",
"version": null
},
{
"model": "tegra recovery mode",
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"model": "tegra mobile processors",
"scope": "lt",
"trust": 0.6,
"vendor": "nvidia",
"version": "2016"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10171"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"db": "NVD",
"id": "CVE-2018-6242"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nvidia:tegra_bootrom_rcm:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nvidia:tegra_mobile_processor:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6242"
}
]
},
"cve": "CVE-2018-6242",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-6242",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-10171",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-6242",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-6242",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-10171",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-001",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-6242",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10171"
},
{
"db": "VULMON",
"id": "CVE-2018-6242"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"db": "NVD",
"id": "CVE-2018-6242"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device\u0027s USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code. BootROM Recovery Mode (RCM) Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NVIDIA Tegramobileprocessors is a central processing unit from NVIDIA. BootROMRecoveryMode (RCM) is one of the engineering mode components that can modify the data",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-6242"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"db": "CNVD",
"id": "CNVD-2018-10171"
},
{
"db": "VULMON",
"id": "CVE-2018-6242"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-6242",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004964",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-10171",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201805-001",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-6242",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10171"
},
{
"db": "VULMON",
"id": "CVE-2018-6242"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"db": "NVD",
"id": "CVE-2018-6242"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
]
},
"id": "VAR-201805-0894",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10171"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10171"
}
]
},
"last_update_date": "2023-12-18T13:52:41.187000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Answer ID 4660",
"trust": 0.8,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4660"
},
{
"title": "Cisco: NVIDIA TX1 Boot ROM Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20180620-nvidia-tx1-rom"
},
{
"title": "Kinesys-Nintendo-CVE-2018-6242",
"trust": 0.1,
"url": "https://github.com/kinesys/kinesys-nintendo-cve-2018-6242 "
},
{
"title": "fusee-launcher",
"trust": 0.1,
"url": "https://github.com/qyriad/fusee-launcher "
},
{
"title": "awesome-switch",
"trust": 0.1,
"url": "https://github.com/perillamint/awesome-switch "
},
{
"title": "switch-fusee",
"trust": 0.1,
"url": "https://github.com/erdzan12/switch-fusee "
},
{
"title": "rcm-modchips",
"trust": 0.1,
"url": "https://github.com/reswitched/rcm-modchips "
},
{
"title": "de-switch",
"trust": 0.1,
"url": "https://github.com/geoselenic/de-switch "
},
{
"title": "fusee-launcher",
"trust": 0.1,
"url": "https://github.com/cease-and-deswitch/fusee-launcher "
},
{
"title": "nxboot",
"trust": 0.1,
"url": "https://github.com/mologie/nxboot "
},
{
"title": "fusee_wrapper",
"trust": 0.1,
"url": "https://github.com/lyfeonedge/fusee_wrapper "
},
{
"title": "fusho",
"trust": 0.1,
"url": "https://github.com/switchjs/fusho "
},
{
"title": "DavidBuchanan314",
"trust": 0.1,
"url": "https://github.com/davidbuchanan314/davidbuchanan314 "
},
{
"title": "usb-device-security",
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security "
},
{
"title": "android-security",
"trust": 0.1,
"url": "https://github.com/alphaseclab/android-security "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000s/poc-in-github "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xt11/cve-poc "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/poc-in-github "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/poc-in-github "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-6242"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"db": "NVD",
"id": "CVE-2018-6242"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4660"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6242"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6242"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/kinesys/kinesys-nintendo-cve-2018-6242"
},
{
"trust": 0.1,
"url": "https://github.com/qyriad/fusee-launcher"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180620-nvidia-tx1-rom"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10171"
},
{
"db": "VULMON",
"id": "CVE-2018-6242"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"db": "NVD",
"id": "CVE-2018-6242"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-10171"
},
{
"db": "VULMON",
"id": "CVE-2018-6242"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"db": "NVD",
"id": "CVE-2018-6242"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10171"
},
{
"date": "2018-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-6242"
},
{
"date": "2018-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"date": "2018-05-01T20:29:00.280000",
"db": "NVD",
"id": "CVE-2018-6242"
},
{
"date": "2018-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10171"
},
{
"date": "2018-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2018-6242"
},
{
"date": "2018-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004964"
},
{
"date": "2018-06-13T17:11:14.667000",
"db": "NVD",
"id": "CVE-2018-6242"
},
{
"date": "2018-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BootROM Recovery Mode Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-001"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…