NVIDIA OTE Protocol Vulnerability in Trusty TAs: Buffer Overflow and Data Manipulation

NVIDIA OTE Protocol Vulnerability in Trusty TAs: Buffer Overflow and Data Manipulation

CVE-2021-34394 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.

Learn more about our User Device Pen Test.