CVE-2021-1088
moderate-risk
Published 2021-11-20
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
Do I need to act?
-
0.05% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.1/10
Medium
LOCAL
/ HIGH complexity
Affected Products (20)
Dgx-1 P100
Dgx-1 V100
Dgx-2
Dgx Station A100
Drive Constellation
Geforce Gt 605
Geforce Gt 610
Geforce Gt 620
Geforce Gt 625
Geforce Gt 630
Geforce Gt 635
Geforce Gt 640
Geforce Gt 705
Geforce Gt 710
Geforce Gt 720
Geforce Gt 730
Geforce Gt 740
Geforce Gtx 1050
Geforce Gtx 1050 Ti
Geforce Gtx 1060
Affected Vendors
References (2)
Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5263
Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5263
43
/ 100
moderate-risk
Severity
11/34 · Low
Exploitability
0/34 · Minimal
Exposure
32/34 · Critical