Description
NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4631
Vendor Advisory x_refsource_confirm
https://nvidia.custhelp.com/app/answers/detail/a_id/4787
Scores
CVSS v3
5.5
EPSS
0.0001
EPSS Percentile
0.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-326
CWE-200
Status
published
Products (2)
google/android
nvidia/shield_tv_firmware
< 6.2
Published
Mar 06, 2018
Tracked Since
Feb 18, 2026