// For flags

CVE-2020-5971

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of service, escalation of privileges, or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).

NVIDIA Virtual GPU Manager contiene una vulnerabilidad en el plugin vGPU, en la que el software lee desde un búfer mediante el uso de mecanismos de acceso al búfer tales como índices o punteros que hacen referencia a ubicaciones de la memoria después del búfer objetivo, lo que puede conllevar a una ejecución de código, denegación de servicio, escalada de privilegios o divulgación de información. Esto afecta a vGPU versión 8.x (anteriores a 8.4), versión 9.x (anteriores a 9.4) y versión 10.x (anteriores a 10.3)

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-01-07 CVE Reserved
  • 2020-06-30 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-125: Out-of-bounds Read
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://nvidia.custhelp.com/app/answers/detail/a_id/5031 2020-07-10
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Nvidia
Search vendor "Nvidia"
 Virtual Gpu Manager
Search vendor "Nvidia" for product "Virtual Gpu Manager"
 >= 8.0 <= 8.3
Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 8.0 <= 8.3"
-
Affected
Nvidia
Search vendor "Nvidia"
 Virtual Gpu Manager
Search vendor "Nvidia" for product "Virtual Gpu Manager"
 >= 9.0 <= 9.3
Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 9.0 <= 9.3"
-
Affected
Nvidia
Search vendor "Nvidia"
 Virtual Gpu Manager
Search vendor "Nvidia" for product "Virtual Gpu Manager"
 >= 10.0 <= 10.2
Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 10.0 <= 10.2"
-
Affected