7.8

CVE-2024-0089

NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering.

Data is provided by the National Vulnerability Database (NVD)
NvidiaGpu Display Driver SwPlatformwindows Version >= 470 < 475.06
   NvidiaGeforce Version-
   NvidiaNvs Version-
   NvidiaQuadro Version-
   NvidiaRtx Version-
   NvidiaStudio Version-
   NvidiaTesla Version-
NvidiaGpu Display Driver SwPlatformwindows Version >= 535 < 538.67
   NvidiaGeforce Version-
   NvidiaNvs Version-
   NvidiaQuadro Version-
   NvidiaRtx Version-
   NvidiaStudio Version-
   NvidiaTesla Version-
NvidiaGpu Display Driver SwPlatformwindows Version >= 550 < 552.55
   NvidiaGeforce Version-
   NvidiaNvs Version-
   NvidiaQuadro Version-
   NvidiaRtx Version-
   NvidiaStudio Version-
   NvidiaTesla Version-
NvidiaGpu Display Driver SwPlatformwindows Version >= 555 < 555.99
   NvidiaGeforce Version-
   NvidiaNvs Version-
   NvidiaQuadro Version-
   NvidiaRtx Version-
   NvidiaStudio Version-
   NvidiaTesla Version-
NvidiaVirtual Gpu Version < 13.11
   MicrosoftWindows Version-
NvidiaVirtual Gpu Version >= 14.0 < 16.6
   MicrosoftWindows Version-
NvidiaVirtual Gpu Version >= 17.0 < 17.2
   MicrosoftWindows Version-
NvidiaCloud Gaming Version < 555.99
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.13% 0.326
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
psirt@nvidia.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.