The ReSwitched team, which specializes in cracking the Nintendo Switch game console to execute homebrew software, this week announced the vulnerability details called Fusée Gelée, which is a security hole hidden in the Switch host core Nvidia Tegra X1 chip that will allow hackers to execute arbitrary programs. , and declared that the host can not be repaired after leaving the factory.
According to the team's explanation, the related vulnerabilities exist in Tegra's recovery mode (Tegra Recovery Mode), which is caused by a bug in the BootRom program, allowing hackers to execute arbitrary programs when they enter recovery mode. This also means that the vulnerability must be The Switch host can only be mined when connected to a computer with a USB cable.
For gamers, the biggest advantage of this vulnerability is that it can be used to back up the game, while Team Xecuter, which specializes in cracking various game consoles, has plans to launch a crack chip for mining related holes.
Kate Temkin, a hardware engineer at the ReSwitched team, said that the Fusée Gelée vulnerabilities not only affect Switch or X1, but may also affect other devices using Nvidia Tegra X1 or Tegra chips that affect more. The team has already submitted vulnerabilities details to companies such as Nvidia and Nintendo. It is not open to the public until June, but in order to avoid letting certain evil groups benefit from it, they decided to announce it early.
The ReSwitched team emphasized that they dismantled the Switch game console just to use homemade software, and did not support any form of piracy. Team Xecuter was a commercial team that cracked various game consoles, making the speculation of ReSwitched's practice against the outside world. Team Xecuter.
Temkin also warned that the relevant vulnerabilities affect all versions of the Switch firmware, and since it is a program error in read-only BootRom, it is almost impossible to repair after the switch is shipped.
Although the vulnerability will also affect Nvidia Tegra X1 devices outside Switch, some device manufacturers say that hackers need to actually access devices to exploit vulnerabilities and reduce the threat of vulnerabilities, so they are not too worried.