NVIDIA Jetson Chipsets Vulnerable to Critical Security Flaws

On June 22, 2021, U.S. graphics chip manufacturer NVIDIA issued software updates to patch 26 vulnerabilities in its Jetson system-on-module (SOM) lineup. These flaws could allow attackers to escalate privileges and potentially cause denial-of-service or information disclosure issues. Ranging from CVE‑2021‑34372 to CVE‑2021‑34397, the vulnerabilities impact several Jetson products, including the TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, and Nano, as well as the Nano 2GB, all running Jetson Linux versions prior to 32.5.1. The issues were reported by Frédéric Perriot of Apple Media Products. NVIDIA’s Jetson line is designed for AI and computer vision applications, catering primarily to autonomous systems and mobile robots. A major concern is CVE‑2021‑34372, a buffer overflow vulnerability in the Trusty trusted execution environment (TEE) with a CVSS score of 8.2.

NVIDIA Jetson Chipsets Vulnerable to Critical Security Flaws

On June 22, 2021, NVIDIA, a prominent player in the graphics chip industry, announced the release of critical software updates aimed at mitigating 26 vulnerabilities within its Jetson system-on-module (SOM) series. These vulnerabilities could potentially be exploited by malicious actors to escalate user privileges, leading to denial-of-service attacks and unauthorized information disclosure. The identified vulnerabilities, tracked from CVE-2021-34372 to CVE-2021-34397, affect a range of products including the Jetson TX1, TX2 series, TX2 NX, AGX Xavier, Xavier NX, and Nano devices, particularly those running any version of Jetson Linux prior to 32.5.1.

The vulnerabilities were brought to light by Frédéric Perriot of Apple Media Products, who played a crucial role in reporting these security issues. This highlights the collaborative approach necessary in the cybersecurity landscape, where information sharing can lead to more secure technologies.

The NVIDIA Jetson lineup is designed for embedded Linux AI and computer vision applications, catering primarily to autonomous systems such as drones and mobile robots. Given the relevance of these technologies in critical sectors—including transportation and logistics—the implications of such vulnerabilities are significant.

Among the identified flaws, CVE-2021-34372 stands out with a CVSS score of 8.2, indicating a high severity level. This particular vulnerability is a buffer overflow issue within the Trusty trusted execution environment (TEE), which plays a pivotal role in maintaining the security of the system. An attacker exploiting this flaw could gain elevated privileges, potentially compromising sensitive data and functionalities within the affected devices.

The implications of these vulnerabilities extend beyond individual devices; they raise concerns about the security posture of applications and systems reliant on NVIDIA’s Jetson technology. Business owners utilizing these systems should be particularly vigilant, considering the potential for attackers to execute privileged actions or launch devastating denial-of-service operations.

In terms of the broader cybersecurity landscape, this incident underscores the need for organizations to implement robust cybersecurity measures. Utilizing the MITRE ATT&CK framework, tactics such as initial access and privilege escalation are pertinent, as they outline methodologies that could facilitate the exploitation of these vulnerabilities. Attackers might seek to gain initial foothold through social engineering or other means, thereafter leveraging these vulnerabilities to escalate privileges and achieve their objectives.

In response to these vulnerabilities, it is imperative for business owners and stakeholders in the tech sector to remain informed and proactive. Ensuring that affected systems are updated, employing security best practices, and continually educating teams about potential threats and mitigation strategies are essential steps in this ongoing battle against cyber threats. Vigilance and preparedness are critical in fortifying defenses against an increasingly sophisticated adversary landscape.

Source link

Related Posts

Critical Authentication Bypass Vulnerability Discovered in VMware Carbon Black App Control

June 24, 2021
VMware has released security updates addressing a significant vulnerability in Carbon Black App Control that could allow attackers to bypass authentication and potentially take control of affected systems. Labeled CVE-2021-21998, this flaw has received a severity score of 9.4 out of 10 according to the Common Vulnerability Scoring System (CVSS). It impacts App Control versions 8.0.x, 8.1.x, 8.5.x, and 8.6.x. Carbon Black App Control serves as a security measure to protect critical systems and servers from unauthorized changes amidst cyber threats while ensuring compliance with regulations like PCI-DSS, HIPAA, GDPR, SOX, FISMA, and NERC. “An attacker with network access to the VMware Carbon Black App Control management server may gain administrative access without needing authentication,” the California-based cloud computing and virtualization company stated in a recent advisory.

Microsoft Edge Vulnerability Could Have Allowed Hackers to Access Your Data on Any Website

On June 28, 2021, Microsoft released updates for the Edge browser addressing two security flaws, one of which involves a critical security bypass vulnerability. This flaw could potentially allow hackers to inject and execute arbitrary code across all websites. Identified as CVE-2021-34506 (CVSS score: 5.4), the issue is rooted in a universal cross-site scripting (UXSS) vulnerability that occurs when the browser’s automatic translation feature, powered by Microsoft Translator, is used. The vulnerability was discovered and reported by Ignacio Laurence along with Vansh Devgan and Shivam Kumar Singh from CyberXplore Private Limited. CyberXplore researchers explained, “Unlike conventional XSS attacks, UXSS exploits client-side vulnerabilities in the browser or extensions to create an XSS condition and run malicious code.”

Researchers Release PoC Exploit for Critical Windows RCE Vulnerability

On June 30, 2021, a proof-of-concept (PoC) exploit for a remote code execution vulnerability in the Windows Print Spooler, identified as CVE-2021-1675, was temporarily posted online before being removed. This security flaw, which Microsoft addressed in a Patch Tuesday update on June 8, 2021, could allow remote attackers to gain complete control over affected systems. The Print Spooler component, responsible for managing printer operations and loading drivers, poses significant risks due to its wide attack surface and high privilege level that enables the dynamic loading of third-party binaries. Shortly after the initial patch, Microsoft updated its assessment of the vulnerability’s impact from an elevation of privilege to remote code execution (RCE) and increased the severity rating.

Microsoft Alerts Users to Critical “PrintNightmare” Vulnerability Under Active Exploitation

On July 2, 2021, Microsoft confirmed that the “PrintNightmare” remote code execution (RCE) vulnerability in the Windows Print Spooler differs from a previously addressed issue in its recent Patch Tuesday update. The company has observed active attempts to exploit this flaw, tracked under CVE-2021-34527, with a severity rating of 8.8 on the CVSS scale. All Windows versions are affected by this vulnerability. Microsoft stated, “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.” Successful exploitation could allow attackers to execute arbitrary code with SYSTEM privileges, enabling them to install programs, manipulate data, or create accounts with full user rights.