NVIDIA ChatRTX Vulnerability: Local Privilege Escalation and Data Tampering
CVE-2024-0082

8.2HIGH

Key Information:

Vendor: Nvidia
Status: Chatrtx
Vendor: CVE Published:; 8 April 2024

Summary

NVIDIA ChatRTX for Windows features a vulnerability within its user interface that allows an attacker to manipulate open file requests. This improper privilege management can lead to significant security risks, including the potential for local escalation of privileges, unauthorized information disclosure, and data tampering, thereby compromising the integrity and confidentiality of the affected system.

Affected Version(s)

ChatRTX 0.2 and prior versions

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5532

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 8, 2024
Vulnerability Reserved
Dec 2, 2023