Vulnerability Description
NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. Such an attack could lead to information disclosure, data corruption, or denial of service of the device. The scope may extend to other components.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Geforce Gtx 950 | - |
| Nvidia | Geforce Gtx 960 | - |
| Nvidia | Geforce Gtx 970 | - |
| Nvidia | Geforce Gtx 980 | - |
| Nvidia | Geforce Gtx Titan X | - |
| Nvidia | Jetson Nano | - |
| Nvidia | Jetson Tx1 | - |
| Nvidia | Quadro M1000M | - |
| Nvidia | Quadro M1200 | - |
| Nvidia | Quadro M2000 | - |
| Nvidia | Quadro M2000M | - |
| Nvidia | Quadro M2200 | - |
| Nvidia | Quadro M3000M | - |
| Nvidia | Quadro M4000 | - |
| Nvidia | Quadro M4000M | - |
| Nvidia | Quadro M5000 | - |
| Nvidia | Quadro M5000M | - |
| Nvidia | Quadro M500M | - |
| Nvidia | Quadro M520 | - |
| Nvidia | Quadro M5500 | - |
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5263Vendor Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5263Vendor Advisory
FAQ
What is CVE-2021-23201?
CVE-2021-23201 is a vulnerability with a CVSS score of 7.5 (HIGH). NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loadin...
How severe is CVE-2021-23201?
CVE-2021-23201 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-23201?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Geforce Gtx 950, Nvidia Geforce Gtx 960, Nvidia Geforce Gtx 970, Nvidia Geforce Gtx 980, Nvidia Geforce Gtx Titan X.