PodParley PodParley
PodParley
Making the Magic Leap past NVIDIA's secure bootchain and breaking some Tesla Autopilots along the way (39c3) episode artwork

EPISODE · Dec 29, 2025 · 57 MIN

Making the Magic Leap past NVIDIA's secure bootchain and breaking some Tesla Autopilots along the way (39c3)

from Chaos Computer Club - recent events feed (high quality) · host Elise Amber Katze

The Tegra X2 is an SoC used in devices such as the Magic Leap One, and Tesla's Autopilot 2 & 2.5 promising a secure bootchain. But how secure really is the secure boot? In this talk I go over how I went from a secured Magic Leap One headset, to exploiting the bootloader over USB, to doing fault injection to dump the BootROM, to finding and exploiting an unpatchable vulnerability in the BootROM's USB recovery mode affecting all Tegra X2s. In mid 2024, a friend approached me about Magic Leap making their TX2 based XR headsets little more than a paperweight by disabling the mandatory activation servers. I morally dislike this, companies shouldn't turn functional devices into e-waste just because they want to sell newer devices. After obtaining one, and poking at the Fastboot implementation, I discovered it was based off NVIDIA's Fastboot implementation, which is source available. I found a vulnerability in the NVIDIA provided source code in how it unpacks SparseFS images (named sparsehax), and successfully blindly exploited the modified implementation on the Magic Leap One. I also found a vulnerability in it that allowed gaining persistence via how it loads the kernel DTB (named dtbhax). Still unsatisfied with this, I used fault injection to dump the BootROM from a Tegra X2 devkit. In the BootROM I discovered a vulnerability in the USB recovery mode. Exploiting this vulnerability proved difficult due to only having access to memory from the perspective of the USB controller. I will explain what was tried, why it didn't work, and how I eventually got code execution at the highest privilege level via it. As I will demonstrate, this exploit also functions on Tesla's autopilot hardware. Licensed to the public under http://creativecommons.org/licenses/by/4.0 about this event: https://events.ccc.de/congress/2025/hub/event/detail/making-the-magic-leap-past-nvidia-s-secure-bootchain-and-breaking-some-tesla-autopilots-along-the-way

What this episode covers

The Tegra X2 is an SoC used in devices such as the Magic Leap One, and Tesla's Autopilot 2 & 2.5 promising a secure bootchain. But how secure really is the secure boot? In this talk I go over how I went from a secured Magic Leap One headset, to exploiting the bootloader over USB, to doing fault injection to dump the BootROM, to finding and exploiting an unpatchable vulnerability in the BootROM's USB recovery mode affecting all Tegra X2s. In mid 2024, a friend approached me about Magic Leap making their TX2 based XR headsets little more than a paperweight by disabling the mandatory activation servers. I morally dislike this, companies shouldn't turn functional devices into e-waste just because they want to sell newer devices. After obtaining one, and poking at the Fastboot implementation, I discovered it was based off NVIDIA's Fastboot implementation, which is source available. I found a vulnerability in the NVIDIA provided source code in how it unpacks SparseFS images (named sparsehax), and successfully blindly exploited the modified implementation on the Magic Leap One. I also found a vulnerability in it that allowed gaining persistence via how it loads the kernel DTB (named dtbhax). Still unsatisfied with this, I used fault injection to dump the BootROM from a Tegra X2 devkit. In the BootROM I discovered a vulnerability in the USB recovery mode. Exploiting this vulnerability proved difficult due to only having access to memory from the perspective of the USB controller. I will explain what was tried, why it didn't work, and how I eventually got code execution at the highest privilege level via it. As I will demonstrate, this exploit also functions on Tesla's autopilot hardware. Licensed to the public under http://creativecommons.org/licenses/by/4.0 about this event: https://events.ccc.de/congress/2025/hub/event/detail/making-the-magic-leap-past-nvidia-s-secure-bootchain-and-breaking-some-tesla-autopilots-along-the-way

NOW PLAYING

Making the Magic Leap past NVIDIA's secure bootchain and breaking some Tesla Autopilots along the way (39c3)

0:00 57:56

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Share this episode

Similar Episodes

No similar episodes found.

Similar Podcasts

LIGHTS, CAMERA, SMILE! Creatives Club Media Lights, Camera, Smile, is a podcast for anyone with a dream to share something with the world, out of the overflow of themselves - be it their mind, their heart, their personalities, and much more. Each of us are alive in this moment in time, with an innate ability to have ideas and create various things to benefit both ourselves and the people around us for a reason, and here, you will find the encouragement, the inspiration, and the motivation to do just that. Hosted by Cicily, founder of Creatives Club, she dives into various topics surrounding creativity and business. Exploring entrepreneurship for creatives in a corporate reality, sharing tips and tricks in a media centered company, answering questions regarding what a creative actually is are just a few of the things discussed on this podcast. Be encouraged to create for yourself as Cicily gets vulnerable by pivoting the camera to herself for the first time.To submit questions for Cicily to answer, or have her address certain t Chewing the Fat with WorkForge WorkForge Bite-Sized Conversations for Building a Stronger Workforce Welcome to Chewing the Fat, a podcast delving deep into the world of food manufacturing. Dive into real conversations around critical topics like staffing, retention, onboarding, and career development in this essential industry. Subscribe now to gain insights from your peers, subject matter experts and more on the biggest issues facing food manufacturers today: -Hiring and retaining employees -Addressing the challenges of the Silver Tsunami -Improving time to productivity of new employees -Engaging employees from hire to retire And more... Tune in to Chewing the Fat, a WorkForge podcast, and join the conversation on how to build and sustain a resilient, high-performing workforce in food manufacturing. Sermons | Countryside Bible Church Countryside Bible Church At Countryside Bible Church, we equip believers to joyfully live holy lives, to serve one another, and to share the gospel of Jesus Christ, all to the glory of God. We are committed to a high view of God, and a high view of Scripture. The PFN Cincinnati Bengals Podcast Pro Football Network The PFN Cincinnati Bengals Podcast is where you can stay up-to-date with the latest news and analysis on the Cincinnati Bengals! Our hosts, industry experts Jay Morrison and Dallas Robinson, provide weekly coverage of all the latest rumors and updates about the Bengals. Don’t forget to follow the show to receive new episodes directly in your podcast feed and leave a rating and review to let us know your thoughts.

Frequently Asked Questions

How long is this episode of Chaos Computer Club - recent events feed (high quality)?

This episode is 57 minutes long.

When was this Chaos Computer Club - recent events feed (high quality) episode published?

This episode was published on December 29, 2025.

What is this episode about?

The Tegra X2 is an SoC used in devices such as the Magic Leap One, and Tesla's Autopilot 2 & 2.5 promising a secure bootchain. But how secure really is the secure boot? In this talk I go over how I went from a secured Magic Leap One headset, to...

Can I download this Chaos Computer Club - recent events feed (high quality) episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!