NVIDIA has released a security update for its GPU display driver for Windows, containing a fix for a high-severity flaw that threat actors can exploit to perform, among other things, code execution and privilege escalation.
The latest security update addresses 25 vulnerabilities on the Windows and Linux GPU drivers, while seven flaws are categorized as high-severity.
The two most critical vulnerabilities are:
- CVE-2022-34669 (CVSS v3.1: 8.8) – Locally exploited user mode flaw in the Windows GPU driver allowing an unprivileged regular user to access or modify files critical to the application, potentially leading to code execution, privilege escalation, information disclosure, data tampering, and denial of service.
- CVE-2022-34671 (CVSS v3.1: 8.5) – Remotely exploited user mode flaw in the Windows GPU driver allowing an unprivileged regular user to cause an out-of-bounds write, potentially leading to code execution, privilege escalation, information disclosure, data tampering, and denial of service.
CVE-2022-34671 has a lower severity rating despite being vulnerable to network attacks because of its high complexity, making its exploitation less likely.
However, the CVE-2022-34669 flaw is more helpful to hackers and malware developers who already have access to a Windows device and are looking for ways to escalate their privileges or execute code.
GPU and hardware drivers run with elevated privileges on the OS, so exploiting a vulnerability in a driver provides the same high level of privileges to malicious code or commands.
Considering the popularity of NVIDIA products, there's a high chance of finding vulnerable GPU drivers on targeted computers, allowing attackers to exploit these flaws to gain greater privileges and spread further on a network.
nvidia.custhelp.com
