How severe is CVE-2023-0192?

Medium severity. CVSS v3 base score is 4.7 out of 10.

Privilege escalation in Nvidia Vgpu Software (Virtual Gpu Manager - Citrix Hypervisor, Vmware Vsphere, Red Hat Enterprise Linux Kvm), Cloud Gaming Kvm)

CVE-2023-0192

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information disclosure.

Vulnerability class: Privilege Escalation

EPSS: 0.001 (27.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:L.

Affected products

Nvidia Vgpu Software (Virtual Gpu Manager - Citrix Hypervisor, Vmware Vsphere, Red Hat Enterprise Linux Kvm), Cloud Gaming Kvm) — versions All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release

Weakness classification (CWE)

CWE-269 — Improper Privilege Management

References

nvidia.custhelp.com/app/answers/detail/a_id/5452

Frequently asked questions

What is CVE-2023-0192?: CVE-2023-0192 is a medium-severity vulnerability in Nvidia Vgpu Software (Virtual Gpu Manager - Citrix Hypervisor, Vmware Vsphere, Red Hat Enterprise Linux Kvm), Cloud Gaming Kvm), classified under Improper Privilege Management. CVSS score: 4.7/10. Published 2023-04-01.
How severe is CVE-2023-0192?: Medium severity. CVSS v3 base score is 4.7 out of 10.