CVE-2021-1118

CVSS 7.8 HIGHEPSS 0.4%CWE-250

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.8EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

29 Oct 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

NVIDIA · NVIDIA Virtual GPU Software

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5230