Vulnerability Details : CVE-2017-0352
All versions of the NVIDIA GPU Display Driver contain a vulnerability in the GPU firmware where incorrect access control may allow CPU access sensitive GPU control registers, leading to an escalation of privileges
Exploit prediction scoring system (EPSS) score for CVE-2017-0352
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 10 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-0352
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2017-0352
-
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-0352
-
http://www.securityfocus.com/bid/98517
NVIDIA GPU Driver CVE-2017-0352 Local Privilege Escalation Vulnerability
-
http://nvidia.custhelp.com/app/answers/detail/a_id/4462
Security Bulletin: NVIDIA GPU Display driver contains multiple vulnerabilities in the kernel mode layer handler | NVIDIAVendor Advisory
Products affected by CVE-2017-0352
- cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*