"This report documents Fusée Gelée, a coldboot vulnerability that allows full, unauthenticated arbitrary code execution from an early bootROM context via Tegra Recovery Mode (RCM) on NVIDIA's Tegra line of embedded processors". The ReSwitched team also prepared a proof of concept exploit for the Nintendo Switch, as can be seen in the following image. The flaw would need to be fixed at the factory level, which means all Switch devices are permanently vulnerable. This is because the Tegra X1 bootROM on the Switch has been hardcoded into it and can not be changed once it has left the factory. Temkin said that people with lack of knowledge could end up damaging their device. Although adding that such an application isn't helpful for a chip-level bootROM exploit, Nintendo may still be able to detect hacked systems via a software update, allowing it to restrict access to machines that have been hacked. However, this relies on being able to boot affected devices into USB recovery mode in conjunction with a Linux or macOS computer to push an executable to the Switch using a Python script.
"Nintendo can only patch Boot ROM bugs during the manufacturing process. By carefully constructing a USB control request, an attacker can leverage this vulnerability to copy the contents of an attacker-controlled buffer over the active execution stack, gaining control of the Boot and Power Management processor (BPMP) before any lock-outs or privilege reductions occur", she explained.
Nintendo has been concerned about protecting its system security from hackers - even refusing to provide backup options for saved games to other devices or microSD cards due to possible security issues.
Once the exploit is, er, exploited, it cannot only allow data to be exfiltrated but also allow for custom bootloaders; Temkin is working on here own one called Atmosphere.
The attack is created to overwhelm the memory of an internal piece of hardware in the popular gaming system to gain access to its most basic command level.
However, "for a device already in consumer hands, no solution is proposed".
Temkin wrote, "Unfortunately, access to the fuses required to configure the device's ipatches was blocked when the ODM_PRODUCTION fuse was burned, so no bootROM update is possible".