← Back to CVEs
CVE-2026-24148
HIGH8.3
Description
NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data tampering, and partial denial of service across devices sharing the same machine ID.
CVE Details
CVSS v3.1 Score8.3
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published3/31/2026
Last Modified4/3/2026
Sourcenvd
Honeypot Sightings0
Affected Products
nvidia:jetson_agx_orin_32gbnvidia:jetson_agx_orin_64gbnvidia:jetson_agx_orin_developer_kitnvidia:jetson_agx_orin_industrialnvidia:jetson_agx_xavier_32gbnvidia:jetson_agx_xavier_64gbnvidia:jetson_agx_xavier_industrialnvidia:jetson_linuxnvidia:jetson_orin_nano_4gbnvidia:jetson_orin_nano_8gbnvidia:jetson_orin_nano_super_developer_kitnvidia:jetson_orin_nx_16gbnvidia:jetson_orin_nx_8gbnvidia:jetson_xavier_nx_16gbnvidia:jetson_xavier_nx_8gb
Weaknesses (CWE)
CWE-1188
References
https://nvd.nist.gov/vuln/detail/CVE-2026-24148(psirt@nvidia.com)
https://nvidia.custhelp.com/app/answers/detail/a_id/5797(psirt@nvidia.com)
https://www.cve.org/CVERecord?id=CVE-2026-24148(psirt@nvidia.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.