Main Vulnerability Database SB2019080640

SB2019080640 - Improper Authentication in nVidia SHIELD TV

Published: August 6, 2019 Updated: August 7, 2019

Security Bulletin ID SB2019080640

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Authentication (CVE-ID: CVE-2019-5679)

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the Trusted OS image is improperly authenticated in the Tegra bootloader in nvtboot. A local authenticated attacker can bypass authentication process and gain unauthorized access to the application.

This vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.

Remediation

Install update from vendor's website.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/4804