Nintendo faces a string of exploits targeting the Nvidia Tegra X1 system-on-chip that describe an unpatchable method for executing arbitrary code on all Nintendo Switch consoles, computer security experts said. Hardware hacker Katherine Temkin and the ReSwitched hacker team today released a summary of what they call the Fusée Gelée cold-start vulnerability, along with a proof-of-concept payload. “This Fusée Gelée is not a perfect feat, although in some cases it can be very close,” researcher Temkin said.
The exploit uses a vulnerability inherent in the USB recovery mode of the Tegra X1, bypassing the lock-down that is supposed to protect the chip's bootROM. By sending an incorrect “length” argument to an incorrectly coded USB control procedure at the right moment, the user can force the system to request up to 65,535 bytes per request. That data overflows a crucial direct memory access (DMA) buffer in the bootROM, allowing data to be copied into the protected application stack and giving the attacker the ability to execute arbitrary code.
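The failure mode described above, a control-transfer handler that trusts the host-supplied length and hands it straight to the DMA engine, is modelled here in simplified C as an added example. This is not code from the article, from Temkin, or from Nvidia's bootROM; the 4,096-byte buffer size, the SETUP packet field names, the 0xAA fill value and the flat simulated memory are assumptions chosen so that the overflow, and the effect of the length check, can be observed without touching real hardware.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified model of a USB recovery-mode control transfer
 * handler written for this article. It is not Tegra X1 bootROM code; the
 * sizes and names below are assumptions that make the missing length
 * check observable. */

#define DMA_BUF_SIZE  4096u          /* assumed size of the receive buffer */
#define ARENA_SIZE    65536u         /* simulated memory: room for any 16-bit length */
#define PROTECTED_OFF DMA_BUF_SIZE   /* everything from here on must never be written */

static uint8_t arena[ARENA_SIZE];    /* DMA buffer at offset 0, "protected" memory after it */

/* USB control SETUP packet. wLength is supplied by the host and is the
 * attacker-controlled value the article describes. */
struct setup_packet {
    uint8_t  bmRequestType;
    uint8_t  bRequest;
    uint16_t wValue;
    uint16_t wIndex;
    uint16_t wLength;
};

/* Simulated host side: sends exactly as many bytes as the device asked for. */
static size_t host_send(uint8_t *dst, size_t requested, uint8_t fill)
{
    memset(dst, fill, requested);
    return requested;
}

/* Before: the handler programs the transfer with wLength as-is, so a
 * 65,535-byte request runs far past the 4,096-byte buffer. */
static int handle_control_vulnerable(const struct setup_packet *pkt)
{
    return (int)host_send(arena, pkt->wLength, 0xAA);
}

/* After: the length is validated against the buffer before any transfer. */
static int handle_control_hardened(const struct setup_packet *pkt)
{
    if (pkt->wLength > DMA_BUF_SIZE)
        return -1;  /* reject: request exceeds the receive buffer */
    return (int)host_send(arena, pkt->wLength, 0xAA);
}

/* Returns 1 if any byte beyond the DMA buffer was written, else 0. */
int protected_region_clobbered(void)
{
    for (size_t i = PROTECTED_OFF; i < ARENA_SIZE; i++)
        if (arena[i] != 0)
            return 1;
    return 0;
}

/* Run one constructed request on a clean arena.
 * Returns the number of bytes accepted, or -1 if the request was rejected. */
int simulate_request(uint16_t wLength, int use_hardened)
{
    struct setup_packet pkt = { 0x40, 0x01, 0, 0, wLength };  /* constructed request */
    memset(arena, 0, ARENA_SIZE);
    return use_hardened ? handle_control_hardened(&pkt)
                        : handle_control_vulnerable(&pkt);
}

int main(void)
{
    int n = simulate_request(65535, 0);
    printf("vulnerable: accepted %d bytes, protected memory clobbered: %d\n",
           n, protected_region_clobbered());
    n = simulate_request(65535, 1);
    printf("hardened:   result %d, protected memory clobbered: %d\n",
           n, protected_region_clobbered());
    return 0;
}
```

The point of the model is the single comparison in the hardened handler: because the request length is a 16-bit field chosen by the host, any handler that copies `wLength` bytes into a fixed buffer without comparing it to the buffer size can be driven past that buffer. In a mask-ROM this check cannot be added after manufacture, which is why the article's later paragraphs stress that the flaw is unpatchable on shipped hardware.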
The hardest part of using the exploit appears to be forcing the system into USB recovery mode, information security professionals said. To do this without opening the console, a specific pin in the right Joy-Con connector has to be shorted. The fail0verflow hacking team tweeted an image of a small plug-in device that can apparently provide this short easily.
What makes this exploit worrying for Nintendo is that it apparently cannot be fixed with a simple downloadable patch; the defective bootROM in question cannot be modified once the Tegra chip leaves the factory. That is a security strength if the bootROM itself is secure, but it becomes a big problem when the bootROM is exploitable, as is the case here, information security researchers said.
As Temkin writes, “Unfortunately, access to the fuses to configure the device’s ipatches was blocked when the ODM_PRODUCTION fuse was blown, so the bootROM update is not possible. It is suggested that consumers are aware of the situation so they can switch to other devices.”
That suggestion is not very useful for Nintendo, which has already shipped more than 14.8 million vulnerable Switch systems to the public. Previous software-level vulnerabilities in Nintendo systems could be mitigated through downloadable system updates, which Nintendo pushes onto users by making them a requirement for new software and for access to its online servers.
For now, public use of this exploit is limited to a Python program and a “proof of concept” payload that can be used to display protected information from the Switch's bootROM instructions, information security analysts said. Fuller details of how to use the exploit will be published on June 15, writes Temkin, adding on Twitter that “the guides and information so you can use it are also nearby.” Work also continues on a custom Switch boot manager called Atmosphère that will apparently use the exploit to run.
Temkin also says that she previously notified Nvidia and Nintendo of the exploit's existence, providing what she calls an “adequate window to communicate with her clients and to achieve the highest possible correction for an unsupported bootROM error”.
Temkin also writes that she is publicizing the exploit because of “the possibility that the parties that independently discover these vulnerabilities will do very badly”. Other groups are believed to have been threatening to publish a similar exploit before ReSwitched's planned summer release, forcing early disclosure.
The release is also partly a response to Team Xecuter, a group that plans to sell a modchip exploit enabling similar code execution on the Switch. Temkin objects to Xecuter's explicit endorsement of piracy and to its efforts to profit by keeping the information restricted to a select few.