Information about NVIDIA® Tegra USB Recovery Mode Vulnerability

Friday, April 27, 2018

NVIDIAA recent publication has indicated that a person who has physical access to a Tegra-based Module can connect to the USB port, set the device into recovery mode, bypass the secure boot and execute unverified code.
(CVE-2018-6242: Code execution, escalation of privileges, and information disclosure)

It is not possible to remotely exploit this vulnerability. The vulnerability is only relevant for customers using Secure Boot.

Toradex currently does not plan to take any action. If you are using the secure boot feature and have any concerns, please contact Toradex Support.

Possible affected products:

Latest News

Thursday, October 15, 2020

New release:

TorizonCore 5.0.0-devel October Monthly Release
Thursday, October 15, 2020

New Release:

Toradex BSP Layers and Reference Images for Yocto Project 5.0.0 Quarterly Production Release
Wednesday, September 16, 2020

New Release:

Torizon IDE Extensions September Release
Have a Question?