Main Vulnerability Database Vulnerabilities #VU105099

#VU105099 Unimplemented or Unsupported Feature in UI in Jetson AGX Orin Series and IGX Orin - CVE-2024-0148

Published: February 27, 2025

Vulnerability identifier: #VU105099

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/U:Clear

CVE-ID: CVE-2024-0148

CWE-ID: CWE-447

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Jetson AGX Orin Series
IGX Orin

Software vendor:
nVidia

Description

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to unimplemented or unsupported feature in UI within the UEFI firmware RCM boot mode. An attacker with physical access can execute arbitrary code on the target system.

Remediation

Install updates from vendor's website.

External links

https://nvidia.custhelp.com/app/answers/detail/a_id/5617

#VU105099 Unimplemented or Unsupported Feature in UI in Jetson AGX Orin Series and IGX Orin - CVE-2024-0148

Description

Remediation

External links

Please verify you're human