{"cve":{"cve_id":"CVE-2021-34394","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00264,"epss_percentile":0.17581,"epss_as_of":"2026-06-23","description":"Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.","published_at":"2021-06-22T21:25:29Z","last_modified_at":null,"cvss_v3_score":4.2,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://nvidia.custhelp.com/app/answers/detail/a_id/5205"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:15:46.345261Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"nvidia","vendor_name":"NVIDIA","product_slug":"nvidia-jetson-tx2-series-tx2-nx-agx-xavier-series-xavier-nx","product_name":"NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX","version_start":"All Jetson Linux versions prior to  r32.5.1","version_start_inclusive":true,"version_end":"All Jetson Linux versions prior to  r32.5.1","version_end_inclusive":true,"cpe23_uri":"cve5:nvidia:nvidia-jetson-tx2-series-tx2-nx-agx-xavier-series-xavier-nx:All Jetson Linux versions prior to  r32.5.1:All Jetson Linux versions prior to  r32.5.1"}],"exploit_refs":[],"news":[],"references":[{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5205","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2021-06-22T21:25:29Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:18:38.387826Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:18:38.387826Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:18:38.387826Z","label":"CVSS score revised","source":"cvelistv5"}]}