Friday 26 July 2019

NEW VULNERABILITY AT NVIDIA ALLOWS REMOTE CODE EXECUTION AND PRIVILEGE ESCALATION

ORIGINAL CONTENT: https://www.securitynewspaper.com/2019/07/23/new-vulnerability-at-nvidia-allows-remote-code-execution-and-privilege-escalation/

A new vulnerability in NVIDIA Tegra processors exposes systems that use them, primarily Internet of Things (IoT) devices, to multiple cyberattacks. According to information security services specialists, vulnerable equipment is exposed to data forwarding, hijacking, malicious code execution and privilege escalation.

Researcher Triszka Balázs discovered the vulnerability; after publishing his finding, he stated that any device that uses these processors is exposed to the flaw. The specialist also published a proof of concept showing the method of exploitation.

The vulnerability is tracked as CVE-2019-5680, and NVIDIA has already released an update patch to mitigate the risk. Information security services experts mention that the vulnerability lies specifically in the Jetson TX1 L4T system, which is typically deployed on devices that require low power consumption, such as drones, routers, etc. The proof of concept may be able to flash Tegra chips to run Jetson TX1, thereby significantly widening the scope of the vulnerability.

The proof of concept developed by the researcher takes advantage of a technique known as a cold-boot attack. This scenario occurs when hackers can access sensitive data on a device through RAM because the system did not shut down properly.

The vulnerability received a score of 7.7/10 on the Common Vulnerability Scoring System (CVSS) scale, making it a critical failure, information security services specialists mentioned. The company has made no mention of the incident.

According to specialists from the International Institute of Cyber Security (IICS), the most common way to exploit such a flaw is for a local hacker to gain access to the device and perform some type of write to the eMMC card, which is incorporated into the chip. If the attacker does not have local access to the device, the malicious payload can be delivered through fraudulent apps or by redirecting the user to a website from which they can write to the card.
