NVIDIA UFM Vulnerability Let Attackers Escalate Privileges


A high-severity vulnerability has been disclosed recently on November 26, 2024 by NVIDIA affecting its UFM Enterprise, UFM Appliance, and UFM CyberAI products.

The flaw, identified as CVE-2024-0130, could allow attackers to escalate privileges, tamper with data, cause denial of service, and access sensitive information.

The security issue, which received a CVSS v3.1 base score of 8.8, stems from an improper authentication mechanism.

Attackers can exploit this vulnerability by sending malformed requests through the Ethernet management interface of affected UFM systems.

NVIDIA stated, “A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, and information disclosure.”

Analyze cyber threats with ANYRUN's powerful sandbox. Black Friday Deals : Get up to 3 Free Licenses.

Affected Products and Versions

The vulnerability impacts multiple versions of NVIDIA’s UFM product line, including:-

  • UFM Enterprise GA (versions 6.15.x, 6.16.x, 6.17.x)
  • UFM Enterprise LTS23 (versions 6.15.x LTS prior to 6.15.6-4 LTS)
  • UFM Enterprise Appliance GA (versions 1.6.x, 1.7.x, 1.8.x)
  • UFM Enterprise Appliance LTS23 (versions 1.6.x LTS prior to 1.6.6-1 LTS)
  • UFM SDN Appliance GA (versions 4.14.x, 4.15.x, 4.16.x)
  • UFM SDN Appliance LTS23 (versions 4.14.x LTS prior to 4.14.6.4 LTS)
  • UFM CyberAI GA (versions 2.6.x, 2.7.x, 2.8.x)
  • UFM CyberAI LTS23 (version 2.6.1-3 LTS)

NVIDIA has released firmware updates to address the vulnerability across all affected products. Users are strongly advised to download and install these updates from the NVIDIA Enterprise Support Portal immediately.

It’s worth noting that the vulnerability is primarily exploitable through the Ethernet management interface of UFM systems, which is typically isolated from public networks in most deployments.

Additionally, LTS22 versions of UFM products are not affected by this vulnerability. This security flaw underscores the critical importance of timely patch management, especially for infrastructure management tools like NVIDIA’s UFM suite.

As these systems often have privileged access to network resources, any vulnerability can potentially lead to widespread compromise if exploited.

Organizations using NVIDIA UFM products should prioritize the application of these security updates to mitigate the risk of potential attacks.

IT administrators are encouraged to review their network configurations and ensure that management interfaces are properly isolated from untrusted networks.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar



Source link