Press ESC to close

NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities

NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities

Category Details
Threat Actors Not specified.
Campaign Overview Discovery of five Nvidia out-of-bounds access vulnerabilities in shader processing and eleven vulnerabilities in LevelOne WBR-6012 SOHO router.
Target Regions (Victims) Nvidia vulnerabilities impact PC users; LevelOne vulnerabilities impact small office/home users of the WBR-6012 router globally.
Methodology Remote exploitation via web browsers and virtualized environments (Nvidia); exploitation of hard-coded credentials, cross-site request forgery, resource allocation flaws, and improper input validation (LevelOne).
Product Targeted Nvidia Graphics GPU drivers; LevelOne WBR-6012 SOHO router.
Malware Reference None mentioned.
Tools Used RemoteFX (for Nvidia vulnerabilities, though deprecated by Microsoft).
Vulnerabilities Exploited Nvidia: TALOS-2024-1955 (CVE-2024-0121), TALOS-2024-2012 (CVE-2024-0117), TALOS-2024-2013 (CVE-2024-0118), TALOS-2024-2014 (CVE-2024-0120), TALOS-2024-2015 (CVE-2024-0119).
LevelOne: Multiple CVEs (CVE-2024-28875 to CVE-2024-33623).
TTPs Memory corruption, unauthorized access, cross-site request forgery, authentication bypass, denial of service, and sensitive information disclosure.
Attribution Nvidia: Piotr Bania (Talos team).
LevelOne: Patrick DeSantis and Francesco Benvenuto (Talos team).
Recommendations – For Nvidia, update to patched drivers.
– For LevelOne, update firmware to the latest version when released.
– Use Snort rules to detect exploitation.
– Disable deprecated software like RemoteFX.
Source Cisco Talos Blog

Read full article: https://blog.talosintelligence.com/nvidia-shader-out-of-bounds-and-level1-2/

Disclaimer: The above summary has been generated by an AI language model

Source: Cisco Talos Blog

Published on: October 31, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *