CVE-2024-0148

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Feb 25, 2025

CWE ID 447

Summary

CVE-2024-0148 is a vulnerability affecting NVIDIA Jetson Linux and IGX OS images. The issue lies in the UEFI firmware's RCM boot mode, which can be exploited by an unprivileged attacker with physical access to the device. Successful exploitation may result in code execution, privilege escalation, data tampering, denial of service, and information disclosure. The reach of the vulnerability extends to potentially impacting other components.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3uBayL
https://www.cve.org/CVERecord?id=CVE-2024-0148
https://nvd.nist.gov/vuln/detail/CVE-2024-0148

Back to Vulnerability Database

CVE-2024-0148

CVSS 3.1 Score 7.6 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations