CVE-2022-42269 HIGH

CVE-2022-42269

Vendor Nvidia
Product Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX1, Jetson TX2 series, Jetson TX2 NX
Weakness CWE-20 · Input validation
Published December 30, 2022
Last update April 10, 2025

CVSS base score

7.9/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

What the vulnerability does

01Description

NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.

Key dates

02Disclosure timeline

December 30, 2022 CVE published
April 10, 2025 Record updated