CVE-2024-0077

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 27, 2024

Updated: Mar 28, 2024

CWE ID 285

Summary

CVE-2024-0077 is a newly disclosed vulnerability affecting NVIDIA's Virtual GPU Manager. The issue lies within the vGPU plugin, which inappropriately grants resource allocation permissions to unauthorized guest operating systems. An exploitation of this flaw can result in significant consequences, including code execution, denial of service, privilege escalation, information disclosure, and data tampering. This vulnerability poses a serious risk to organizations utilizing NVIDIA Virtual GPUs and requires immediate attention and patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/usIR-8
https://www.cve.org/CVERecord?id=CVE-2024-0077
https://nvd.nist.gov/vuln/detail/CVE-2024-0077

Back to Vulnerability Database

CVE-2024-0077

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations