

WASHINGTON (dpa-AFX) - The Nintendo Switch, one of the most successful hand-held gaming console of Nintendo, can easily be hacked.



Hacker Katherine Temkin and others at ReSwitched released an extensive detail report about the Fusée Gelée coldboot vulnerability.



The vulnerability is not just limited to the Nintendo Switch, as it affects the entire devices that uses Nvidia's Tegra X1 processors.



The report documents Fusée Gelée, a coldboot vulnerability that allows full, unauthenticated arbitrary code execution from an early bootROM context via Tegra Recovery Mode (RCM) on NVIDIA's Tegra line of embedded processors.



As this vulnerability allows arbitrary code execution on the Boot and Power Management Processor (BPMP) before any lock-outs take effect, this vulnerability compromises the entire root-of-trust for each processor, and allows exfiltration of secrets e.g. burned into device fuses.



'By carefully constructing a USB control request, an attacker can leverage this vulnerability to copy the contents of an attacker-controlled buffer over the active execution stack, gaining control of the Boot and Power Management processor (BPMP) before any lock-outs or privilege reductions occur,' Temkin writes.



