CVE-2024-0085

MEDIUM

Nvidia Virtual Gpu < 13.11 - Incorrect Privilege Assignment

Title source: rule

Description

NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.

References (1)

[Vendor Advisory] https://nvidia.custhelp.com/app/answers/detail/a_id/5551

Scores

CVSS v3 6.3

EPSS 0.0010

EPSS Percentile 27.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Classification

CWE

CWE-266

Status published

Affected Products (2)

nvidia/virtual_gpu < 13.11

nvidia/cloud_gaming < 555.52.04

Timeline

Published Jun 13, 2024

Tracked Since Feb 18, 2026