CVE-2021-23201

Published Nov 20, 2021

Last updated 3 years ago

CVSS high 7.5

Overview

Description: NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. Such an attack could lead to information disclosure, data corruption, or denial of service of the device. The scope may extend to other components.
Source: psirt@nvidia.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 6
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52379F40-A0B8-404F-8187-26D085F3568A"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29D0D308-1A59-4D8C-930C-2B480E718FB2"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B957ED4F-2A0E-4E6E-AF06-CC09722A4008"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A7ED258-77DC-45FA-B6AE-B9310049ECDE"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1E9293F-C51A-40B0-9461-83A31366C8C5"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E607C924-1682-4348-B6BF-31912E3A3D13"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F5E94B4-0DF1-4F79-87A0-C90A6131091B"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76300BC2-B496-4B4D-979B-6C56F590449A"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "343850DA-E975-467A-99A2-852E24135DD2"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m2050:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D69A7BF-4C1C-4A5A-BB98-1498BFE52B8F"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m2070:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F2544F6-397B-4B24-9809-B335481E43E4"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m2070q:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11F8C0DA-4117-4595-A1D4-DD384D8A6438"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m2090:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80733A92-049A-480D-A29B-0E0CD789093F"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8C459A6-EE1D-482F-BC23-866836870512"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E92C2C2-1CF7-4531-B431-D67BF6049635"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44B63168-6671-4D31-A984-B0A0F71CB799"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6299665D-182A-4F2C-B451-1103B943CAE2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References