NVIDIA GPU Display Driver Vulnerability Could Lead to Code Execution, Information Disclosure, or Data Tampering
CVE-2024-0089

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Gpu Display Driver, Vgpu Software, And Cloud Gaming
Vendor: CVE Published:; 13 June 2024

Summary

The NVIDIA GPU Display Driver for Windows contains a vulnerability that may allow information from previous clients or other processes to be disclosed. This flaw can potentially enable unauthorized code execution and facilitate data tampering, posing risks for systems interacting with affected versions of the driver. Proper security measures and timely updates are essential to mitigate potential exploits of this vulnerability.

Affected Version(s)

GPU display driver, vGPU software, and Cloud Gaming All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5551

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 13, 2024
Vulnerability Reserved
Dec 2, 2023