CVE-2021-1111 Information

Description

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check which may lead to buffer overflow resulting in limited information disclosure limited data integrity and denial of service across all components.

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

Reference

https://nvidia.custhelp.com/app/answers/detail/a_id/5216

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

HIGH

Base Severity

6.7