Information about NVIDIA® Tegra USB Recovery Mode Vulnerability

Friday, April 27, 2018
NVIDIA

NVIDIAA recent publication has indicated that a person who has physical access to a Tegra-based Module can connect to the USB port, set the device into recovery mode, bypass the secure boot and execute unverified code.
(CVE-2018-6242: Code execution, escalation of privileges, and information disclosure)

It is not possible to remotely exploit this vulnerability. The vulnerability is only relevant for customers using Secure Boot.

Toradex currently does not plan to take any action. If you are using the secure boot feature and have any concerns, please contact Toradex Support.

Possible affected products:

Latest News

Tuesday, February 20, 2024

Press Release:

Join Toradex at Japan IT Week Spring 2024
Monday, January 29, 2024

New Release:

Torizon OS 6.5.0 Quarterly Release
Monday, January 29, 2024

New Release:

Toradex BSP Layers and Reference Images for Yocto Project 6.5.0 Quarterly Release
Have a Question?