Privilege Escalation Vulnerability in NVIDIA Windows GPU Display Driver
CVE-2016-8824

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Windows Gpu Display Driver
Vendor: CVE Published:; 16 December 2016

Summary

The NVIDIA Windows GPU Display Driver is affected by a vulnerability in the kernel mode layer (nvlddmkm.sys) that allows unauthorized users to write to registry areas reserved for privileged users. This improper access control can lead to privilege escalation, enabling a regular user to gain elevated access permissions within the system. Organizations using this driver should ensure prompt updates to mitigate risks associated with this vulnerability.

Affected Version(s)

Windows GPU Display Driver All

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4278

x_refsource_CONFIRM

http://www.securityfocus.com/bid/95015

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 16, 2016
Vulnerability Reserved
Oct 18, 2016