CVE-2017-6284

EUVD-2017-15345
NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
nvidiashield_tv_firmware
𝑥
≤ 6.2
googleandroid
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://nvidia.custhelp.com/app/answers/detail/a_id/4631
https://nvidia.custhelp.com/app/answers/detail/a_id/4787
http://nvidia.custhelp.com/app/answers/detail/a_id/4631
https://nvidia.custhelp.com/app/answers/detail/a_id/4787