A stack buffer overflow in the NVIDIA Display Driver Service may be exploited to add a new user on your computer despite the security checks implemented at the operating system level. According to security researcher Peter Winter-Smith, the flaw can be exploited by any logged on user or remote user in a domain context (i.e. a user on a corporate network).
The entire process is documented in the proof-of-concept code released along with the announcement.
“The service listens on a named pipe (\pipe\nsvr) which has a NULL DACL configured, which should mean that any logged on user or remote user in a domain context (Windows firewall/file sharing permitting) should be able to exploit this vulnerability,” wrote Winter-Smith.
While it is true that the exploit requires the attacker to hold a valid account on the computer or on the corporate network, such access can be obtained by phishing a corporate user, for instance. From there, the attacker can escalate their privileges and reach mission-critical machines that run the vulnerable driver.
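The quoted detail that matters to defenders is the NULL DACL on the pipe: a NULL DACL is not "no access" but "everyone has full access", which is what turns a service bug into something any domain user can reach. The script below is an added example, not code from the article or from NVIDIA; it enumerates the named pipes on the local host and reports any whose DACL is NULL or grants write access to Everyone, Authenticated Users or Anonymous. It assumes Windows PowerShell 5.1, where the .NET Framework PipeStream class exposes GetAccessControl() directly (on PowerShell 7 the same call lives in System.IO.Pipes.AccessControl as an extension method). Connecting to each pipe is what the check requires, so run it on a test host first, because a server with a parsing bug of the kind described here may react badly to an unexpected client.

```powershell
# Added audit example (assumptions: Windows PowerShell 5.1 / .NET Framework).
# Flags named pipes reachable by any user: NULL DACL, or an Allow ACE with
# WriteData for a broad principal.

$broadSids = @(
    'S-1-1-0',   # Everyone
    'S-1-5-11',  # Authenticated Users
    'S-1-5-7'    # Anonymous Logon
)

function Get-NamedPipeRisk {
    param([Parameter(Mandatory)][string]$PipeName)

    $client = New-Object System.IO.Pipes.NamedPipeClientStream(
        '.', $PipeName, [System.IO.Pipes.PipeDirection]::In)
    try {
        $client.Connect(200)   # 200 ms; pipes with no listening server time out and are skipped
        $acl  = $client.GetAccessControl()
        $sddl = $acl.GetSecurityDescriptorSddlForm(
            [System.Security.AccessControl.AccessControlSections]::Access)

        # A NULL DACL shows up either as D:NO_ACCESS_CONTROL in SDDL form or, once
        # .NET's security classes have normalised it, as an Allow rule granting
        # Everyone full control. Both forms are reported by the checks below.
        if ($sddl -match 'NO_ACCESS_CONTROL') {
            return [pscustomobject]@{
                Pipe = $PipeName; Finding = 'NULL DACL (world-accessible)'; Sddl = $sddl
            }
        }

        $rules = $acl.GetAccessRules($true, $true,
            [System.Security.Principal.SecurityIdentifier])
        foreach ($rule in $rules) {
            if ($rule.AccessControlType -ne 'Allow') { continue }
            $sid = $rule.IdentityReference.Value
            if (($broadSids -contains $sid) -and
                ($rule.PipeAccessRights -band [System.IO.Pipes.PipeAccessRights]::WriteData)) {
                return [pscustomobject]@{
                    Pipe = $PipeName; Finding = "Write access for $sid"; Sddl = $sddl
                }
            }
        }
        return $null
    }
    catch [System.TimeoutException] {
        return $null   # nobody is serving this pipe right now
    }
    catch [System.UnauthorizedAccessException] {
        return $null   # the DACL already keeps this account out; that is the desired state
    }
    finally {
        $client.Dispose()
    }
}

# The Named Pipe File System lists every currently created pipe under \\.\pipe\.
Get-ChildItem -Path '\\.\pipe\' |
    ForEach-Object { Get-NamedPipeRisk -PipeName $_.Name } |
    Where-Object { $_ } |
    Format-Table -AutoSize
```

Anything the script reports is a pipe where the operating system's access checks contribute nothing, so the server code behind it must be trusted to parse untrusted input safely; the correct fix for a service is to create the pipe with an explicit DACL that limits clients to the principals that actually need it.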
This is not an isolated incident for Nvidia. Earlier in August, the closed-source Nvidia driver for Linux was found to be vulnerable to a bug that granted root access to any limited user on the machine.
Bogdan is living his second childhood at Bitdefender as director of threat research.