CVE-2017-6283 — Sensitive Information Exposure in Nvidia Shield TV Firmware

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 97.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Shield TV Firmware Nvidia Corporation Shield TV

Timeline

PublishedMar 6

Latest updateMay 14

Description

NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDnvidia/shield_tv_firmware6.2

▶CVEListV5nvidia_corporation/shield_tvNA

🔴Vulnerability Details

GHSA

GHSA-qhvw-9rr9-5p73: NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which ma↗2022-05-14

▶

CVEList

CVE-2017-6283: NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which ma↗2018-03-06

▶