CVE-2022-28182

moderate-risk
Published 2022-05-17

NVIDIA GPU Display Driver for Windows contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), where an unauthorized attacker on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution to cause denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.

Do I need to act?

~
1.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.5/10 High
NETWORK / HIGH complexity

Affected Products (3)

Affected Vendors

Nvidia

References (2)

Patch https://nvidia.custhelp.com/app/answers/detail/a_id/5353
Patch https://nvidia.custhelp.com/app/answers/detail/a_id/5353
37
/ 100
moderate-risk
Severity 25/34 · High
Exploitability 3/34 · Minimal
Exposure 9/34 · Low