Information about NVIDIA® Tegra USB Recovery Mode Vulnerability

Friday, April 27, 2018
NVIDIA

NVIDIAA recent publication has indicated that a person who has physical access to a Tegra-based Module can connect to the USB port, set the device into recovery mode, bypass the secure boot and execute unverified code.
(CVE-2018-6242: Code execution, escalation of privileges, and information disclosure)

It is not possible to remotely exploit this vulnerability. The vulnerability is only relevant for customers using Secure Boot.

Toradex currently does not plan to take any action. If you are using the secure boot feature and have any concerns, please contact Toradex Support.

Possible affected products:

Latest News

Tuesday, January 18, 2022

New Release:

TorizonCore 5.5.0 Quarterly Release
Tuesday, January 18, 2022

New Release:

Toradex BSP Layers and Reference Images for Yocto Project 5.5.0 Quarterly Release
Friday, October 8, 2021

New Release:

TorizonCore 5.4.0 Quarterly Release
Have a Question?