Cyber Resilience

CVE-2021-23219

Medium

Published: 20 November 2021

Published
20 November 2021
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0012 30.7th percentile
Risk Priority 8 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-23219 is a medium-severity an unspecified weakness vulnerability in Nvidia Jetson Nano. Its CVSS base score is 4.1 (Medium).

Operationally, ranked at the 30.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

nvidia
dgx-1 p100
all versions
nvidia
dgx-1 v100
all versions
nvidia
dgx-2
all versions
nvidia
dgx station a100
all versions
nvidia
drive constellation
all versions
nvidia
geforce gt 605
all versions
nvidia
geforce gt 610
all versions
nvidia
geforce gt 620
all versions
nvidia
geforce gt 625
all versions
nvidia
geforce gt 630
all versions
+125 more product configuration(s) — see NVD for full list

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References