CVE-2021-1115

low-risk
Published 2021-10-27

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable component.

Do I need to act?

-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Nvidia

References (2)

Patch https://nvidia.custhelp.com/app/answers/detail/a_id/5230
Patch https://nvidia.custhelp.com/app/answers/detail/a_id/5230
26
/ 100
low-risk
Severity 21/34 · High
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal