CVE-2024-0082

NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause improper privilege management by sending open file requests to the application. A successful exploit of this vulnerability might lead to local escalation of privileges, information disclosure, and data tampering

CVSS v3 8.2 HIGH

8.2^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5532
https://nvidia.custhelp.com/app/answers/detail/a_id/5532

Configurations

No configuration.

History

21 Nov 2024, 08:45

Type	Values Removed	Values Added
References	~~() https://nvidia.custhelp.com/app/answers/detail/a_id/5532 -~~	() https://nvidia.custhelp.com/app/answers/detail/a_id/5532 -

09 Apr 2024, 12:48

Type	Values Removed	Values Added
Summary		(es) NVIDIA ChatRTX para Windows contiene una vulnerabilidad en la interfaz de usuario, donde un atacante puede provocar una gestión inadecuada de privilegios al enviar solicitudes de apertura de archivos a la aplicación. Una explotación exitosa de esta vulnerabilidad podría conducir a una escalada local de privilegios, divulgación de información y manipulación de datos.

08 Apr 2024, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-08 22:15

Updated : 2024-11-21 08:45

NVD link : CVE-2024-0082

Mitre link : CVE-2024-0082

CVE.ORG link : CVE-2024-0082

JSON object : View

Products Affected

No product.

CWE

CWE-269

Improper Privilege Management

8.2 /10