CVE-2026-24148 HIGH

CVE-2026-24148

Vendor Nvidia
Product Jetson Xavier Series and Jetson Orin Series
Weakness CWE-1188
Published March 31, 2026
Last update April 2, 2026

CVSS base score

8.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

What the vulnerability does

01Description

NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data tampering, and partial denial of service across devices sharing the same machine ID.

Key dates

02Disclosure timeline

March 31, 2026 CVE published
April 2, 2026 Record updated