CVE-2015-7865

NVIDIA GPU <341.92, <354.35, <358.87 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7865. PoCs published by Google Security Research.

AI-analyzed exploit summary The exploit targets the NVIDIA Stereoscopic 3D Driver Service (nvSCPAPISvr.exe) via an insecure named pipe to create an arbitrary system-wide Run key, enabling privilege escalation or remote code execution. The PoC demonstrates writing to the registry to execute commands in the context of any user logging into the system.

Description

nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textlocalwindows

https://www.exploit-db.com/exploits/38792

View Code ZIP pw:eip

The exploit targets the NVIDIA Stereoscopic 3D Driver Service (nvSCPAPISvr.exe) via an insecure named pipe to create an arbitrary system-wide Run key, enabling privilege escalation or remote code execution. The PoC demonstrates writing to the registry to execute commands in the context of any user logging into the system.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: NVIDIA Stereoscopic 3D Driver Service 7.17.13.5382

No auth needed

Prerequisites: Access to the target system · NVIDIA Stereoscopic 3D Driver Service installed

MITRE ATT&CK