Sign-up

ID

VAR-202108-0238


CVE

CVE-2021-1113


TITLE

Jetson Linux  Fraud related to unauthorized authentication in

Trust: 0.8

sources: JVNDB: JVNDB-2021-010529

DESCRIPTION

NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients. Jetson Linux Exists in a fraudulent authentication vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.25

sources: NVD: CVE-2021-1113 // JVNDB: JVNDB-2021-010529 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-1113

IOT TAXONOMY

category:['camera device']sub_category:camera

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:nvidiamodel:jetson linuxscope:ltversion:32.6.1

Trust: 1.0

vendor:nvidiamodel:jetson linuxscope:gteversion:32.1

Trust: 1.0

vendor:nvidiamodel:jetson linuxscope:eqversion: -

Trust: 0.8

vendor:nvidiamodel:jetson linuxscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-010529 // NVD: CVE-2021-1113

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1113
value: MEDIUM

Trust: 1.0

psirt@nvidia.com: CVE-2021-1113
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-1113
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202108-440
value: MEDIUM

Trust: 0.6

VULMON: CVE-2021-1113
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-1113
severity: MEDIUM
baseScore: 5.4
vectorString: AV:L/AC:M/AU:N/C:N/I:P/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULMON: CVE-2021-1113
severity: MEDIUM
baseScore: 5.6
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1113
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 0.5
impactScore: 4.2
version: 3.1

Trust: 2.0

NVD: CVE-2021-1113
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2021-1113 // JVNDB: JVNDB-2021-010529 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-440 // NVD: CVE-2021-1113 // NVD: CVE-2021-1113

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-284

Trust: 1.0

problemtype:Illegal authentication (CWE-863) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-010529 // NVD: CVE-2021-1113

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202108-440

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:Security Bulletinurl:https://nvidia.custhelp.com/app/answers/detail/a_id/5216

Trust: 0.8

title:NVIDIA Jetson Fixes for permissions and access control issues vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159701

Trust: 0.6

sources: JVNDB: JVNDB-2021-010529 // CNNVD: CNNVD-202108-440

EXTERNAL IDS

db:NVDid:CVE-2021-1113

Trust: 3.4

db:JVNDBid:JVNDB-2021-010529

Trust: 0.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021080501

Trust: 0.6

db:CNNVDid:CNNVD-202108-440

Trust: 0.6

db:OTHERid:NONE

Trust: 0.1

db:VULMONid:CVE-2021-1113

Trust: 0.1

sources: OTHER: None // VULMON: CVE-2021-1113 // JVNDB: JVNDB-2021-010529 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-440 // NVD: CVE-2021-1113

REFERENCES

url:https://nvidia.custhelp.com/app/answers/detail/a_id/5216

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-1113

Trust: 1.4

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021080501

Trust: 0.6

url:https://ieeexplore.ieee.org/abstract/document/10769424

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/863.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: OTHER: None // VULMON: CVE-2021-1113 // JVNDB: JVNDB-2021-010529 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-440 // NVD: CVE-2021-1113

SOURCES

db:OTHERid: -
db:VULMONid:CVE-2021-1113
db:JVNDBid:JVNDB-2021-010529
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202108-440
db:NVDid:CVE-2021-1113

LAST UPDATE DATE

2025-01-30T19:45:38.025000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-1113date:2021-08-24T00:00:00
db:JVNDBid:JVNDB-2021-010529date:2022-07-04T07:44:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202108-440date:2022-07-18T00:00:00
db:NVDid:CVE-2021-1113date:2022-07-15T17:51:34.780

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-1113date:2021-08-11T00:00:00
db:JVNDBid:JVNDB-2021-010529date:2022-07-04T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202108-440date:2021-08-05T00:00:00
db:NVDid:CVE-2021-1113date:2021-08-11T22:15:08.467