Two distinct groups of security researchers have unveiled working proof-of-concept exploits for an unpatchable vulnerability in Nvidia's Tegra series of embedded processors, the chip family at the core of every Nintendo Switch sold to date. Named Fusée Gelée and ShofEL2, the exploits provide cold-boot code execution that lets device owners install Linux, run unofficial applications, and deploy custom firmware, capabilities the console normally restricts.
Both exploits leverage a buffer overflow in the USB software stack of the read-only boot instruction ROM (IROM/bootROM). The flaw permits arbitrary code execution on the console before any of the lock-out mechanisms that protect the chip's bootROM have been activated. Specifically, the vulnerability is triggered when an overlong length argument is supplied to a poorly written USB control procedure, overflowing a critical Direct Memory Access (DMA) buffer. That overflow lets arbitrary data be written into the protected application stack, giving the attacker the means to execute custom code.
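The defect class described above, a USB control-request handler that trusts the host-supplied data-stage length when filling a fixed-size DMA buffer, is easy to see in a small model. The C below is an added illustration written for this article; it is not Nvidia's bootROM code and makes no claim about that code's structure. The buffer size, the adjacent memory region, the sentinel value and the sample payload are all constructed for the demonstration, and the copy is deliberately kept inside an inspectable array so the model itself stays memory-safe while still showing how many bytes past the buffer an unchecked copy reaches compared with a handler that bounds the length first.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of the defect class, not Nvidia's bootROM code. A
 * control-request handler copies the data stage of a USB SETUP transfer
 * into a fixed-size DMA buffer. The only difference between the two
 * handlers below is whether the host-supplied wLength is bounded first. */

#define DMA_BUF_SIZE  64u   /* capacity the buffer was sized for (assumed) */
#define ADJACENT_SIZE 64u   /* memory that happens to follow it (assumed)  */
#define SENTINEL      0xAA  /* marker used to detect overwrites            */

/* Hypothetical memory layout: the DMA buffer followed by whatever the
 * linker placed next to it, modelled here as one inspectable array. */
typedef struct {
    uint8_t region[DMA_BUF_SIZE + ADJACENT_SIZE];
} dma_area_t;

/* USB SETUP packet fields relevant here (8 bytes on the wire). */
typedef struct {
    uint8_t  bmRequestType;
    uint8_t  bRequest;
    uint16_t wValue;
    uint16_t wIndex;
    uint16_t wLength;   /* host-declared length of the data stage */
} usb_setup_t;

static void dma_area_init(dma_area_t *a) {
    memset(a->region, 0, DMA_BUF_SIZE);
    memset(a->region + DMA_BUF_SIZE, SENTINEL, ADJACENT_SIZE);
}

/* Number of adjacent bytes that no longer hold the sentinel. */
size_t adjacent_bytes_clobbered(const dma_area_t *a) {
    size_t n = 0;
    for (size_t i = 0; i < ADJACENT_SIZE; i++)
        if (a->region[DMA_BUF_SIZE + i] != SENTINEL) n++;
    return n;
}

/* Vulnerable pattern: trusts wLength. The host controls both wLength and
 * the data stage, so it decides how far past the buffer the copy runs.
 * `data` is assumed to hold at least wLength bytes, as the host sends. */
size_t handle_control_unchecked(dma_area_t *a, const usb_setup_t *req,
                                const uint8_t *data) {
    size_t n = req->wLength;
    memcpy(a->region, data, n);   /* no bound against DMA_BUF_SIZE */
    return n;
}

/* Hardened pattern: refuse the request before any copy happens. For a
 * boot ROM, rejecting is preferable to silently clamping, since an
 * oversized request is itself a sign of a misbehaving host. */
size_t handle_control_checked(dma_area_t *a, const usb_setup_t *req,
                              const uint8_t *data) {
    if (req->wLength > DMA_BUF_SIZE) return 0;   /* request refused */
    memcpy(a->region, data, req->wLength);
    return req->wLength;
}

/* Run one handler on a request of the given wLength with a constructed
 * payload and report how many adjacent bytes it overwrote. wLength is
 * capped at the inspectable region so the model never writes outside it. */
size_t clobbered_by(bool use_checked_handler, uint16_t wLength) {
    uint8_t data[DMA_BUF_SIZE + ADJACENT_SIZE];
    memset(data, 0x41, sizeof data);               /* constructed payload */
    if (wLength > sizeof data) wLength = (uint16_t)sizeof data;
    usb_setup_t req = { 0x40, 0x01, 0, 0, wLength };

    dma_area_t a;
    dma_area_init(&a);
    if (use_checked_handler)
        handle_control_checked(&a, &req, data);
    else
        handle_control_unchecked(&a, &req, data);
    return adjacent_bytes_clobbered(&a);
}
```

With a 100-byte request the unchecked handler overwrites 36 bytes beyond the 64-byte buffer, while the checked handler touches nothing; a 16-byte request is handled identically by both. The lesson for reviewers of USB stacks is that any length field arriving from the host, wLength included, must be validated against the destination capacity before it is handed to a copy or a DMA engine, and that this check has to live in the earliest code that runs, since a read-only bootROM cannot be fixed afterwards.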
Using either exploit requires physical access to the console in order to put the Switch into USB recovery mode (RCM), which can be done by manipulating specific pins on the right Joy-Con connector without disassembling the device. Team fail0verflow has noted that a simple wire can bridge the necessary connections, while ReSwitched's Katherine Temkin has said that merely bending the pins can also work. Once the connections are made, the Switch can be attached to a computer over USB and the exploits can be run.
Fusée Gelée, released by Temkin, currently only displays device data on-screen; scripting support and a full technical write-up of the exploitation are promised for a later release. Temkin is also developing custom firmware named Atmosphère, which can be launched through Fusée Gelée.
The ShofEL2 exploit from fail0verflow, by contrast, allows Linux to be installed on the console. The team has warned of potential risks, including hardware damage, when using its exploit. Separately, Team Xecutor, another group of hardware hackers, is preparing to sell a consumer-oriented version of the exploit that it claims works on any Nintendo Switch regardless of firmware version and is future-proof.
Critically, the vulnerability is not limited to the Nintendo Switch but affects every device built on Nvidia's Tegra X1 processor. Temkin said the issue was responsibly disclosed to Nvidia and to other vendors, including Nintendo, but because the bootROM is baked into the Tegra silicon and held in read-only memory, it cannot be corrected through an ordinary software or firmware update. As fail0verflow put it, fixing the flaw requires a hardware revision, which leaves every existing Switch unit vulnerable indefinitely.
From a security standpoint, the incident underlines the importance of physical security and the risk posed by initial-access techniques that need only brief hands-on contact with a device. The techniques involved map onto the MITRE ATT&CK framework, in particular the privilege escalation and persistence tactics an adversary could use to keep unauthorized control of an affected device. Given how many devices share this vulnerability, stakeholders should keep watching for updates and for further exploits aimed at embedded systems.