Description
Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unprivileged attacker with physical access to cause denial of service or impact integrity and confidentiality beyond the security scope of BROM.
CVSS breakdown
CVSS 3.1
Attack Vector
Physical
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Affected products
- NVIDIA / SHIELD TVAll versions prior to SE 9.0 – All versions prior to SE 9.0