CVE-2024-0097 - Vulnerability Details - OpenCVE

NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Nvidia	Chatrtx

Configuration 1 [-]

AND

cpe:2.3:a:nvidia:chatrtx:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://nvidia.custhelp.com/app/answers/detail/a_id/5533

History

Wed, 17 Sep 2025 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Microsoft Microsoft windows
CPEs		cpe:2.3:a:nvidia:chatrtx:::::::: cpe:2.3:o:microsoft:windows:-:::::::*
Vendors & Products		Microsoft Microsoft windows

MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2024-05-09T22:16:43.481Z

Updated: 2024-08-01T17:41:15.925Z

Reserved: 2023-12-02T00:42:06.849Z

Link: CVE-2024-0097

Vulnrichment

Updated: 2024-08-01T17:41:15.925Z

NVD

Status : Analyzed

Published: 2024-05-14T14:39:30.727

Modified: 2025-09-17T16:14:20.063

Link: CVE-2024-0097

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0097", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "state": "PUBLISHED", "assignerShortName": "nvidia", "dateReserved": "2023-12-02T00:42:06.849Z", "datePublished": "2024-05-09T22:16:43.481Z", "dateUpdated": "2024-08-01T17:41:15.925Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ChatRTX", "vendor": "nvidia", "versions": [{"status": "affected", "version": "All versions prior to and including 0.2.1"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": true, "type": "text/html", "value": "NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering."}], "value": "NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Information disclosure, escalation of privileges, data tampering"}]}], "metrics": [{"cvssV3_1": {"baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2024-05-09T22:16:43.481Z"}, "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5533"}], "source": {"discovery": "UNKNOWN"}, "title": "CVE"}, "adp": [{"affected": [{"vendor": "nvidia", "product": "chatrtx", "cpes": ["cpe:2.3:a:nvidia:chatrtx:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "0.2.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-10T16:48:39.489651Z", "id": "CVE-2024-0097", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T13:05:37.589Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:41:15.925Z"}, "title": "CVE Program Container", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5533", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5533", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:41:15.925Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0097", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-10T16:48:39.489651Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:nvidia:chatrtx:*:*:*:*:*:*:*:*"], "vendor": "nvidia", "product": "chatrtx", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "0.2.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-10T16:50:18.375Z"}}], "cna": {"title": "CVE", "source": {"discovery": "UNKNOWN"}, "impacts": [{"descriptions": [{"lang": "en", "value": "Information disclosure, escalation of privileges, data tampering"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "nvidia", "product": "ChatRTX", "versions": [{"status": "affected", "version": "All versions prior to and including 0.2.1"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5533"}], "descriptions": [{"lang": "en", "value": "NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering.", "supportingMedia": [{"type": "text/html", "value": "NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering.", "base64": true}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2024-05-09T22:16:43.481Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0097", "state": "PUBLISHED", "dateUpdated": "2024-08-01T17:41:15.925Z", "dateReserved": "2023-12-02T00:42:06.849Z", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "datePublished": "2024-05-09T22:16:43.481Z", "assignerShortName": "nvidia"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:chatrtx:*:*:*:*:*:*:*:*", "matchCriteriaId": "602B4225-8BB8-4B30-A13F-78B0C775840C", "versionEndExcluding": "0.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering."}, {"lang": "es", "value": "NVIDIA ChatRTX para Windows contiene una vulnerabilidad en la interfaz de usuario de ChatRTX, donde un usuario puede causar un problema de administraci\u00f3n de privilegios inadecuado al explotar la comunicaci\u00f3n entre procesos entre diferentes procesos. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n, la escalada de privilegios y la manipulaci\u00f3n de datos."}], "id": "CVE-2024-0097", "lastModified": "2025-09-17T16:14:20.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 5.8, "source": "psirt@nvidia.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 5.8, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-14T14:39:30.727", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5533"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5533"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "psirt@nvidia.com", "type": "Secondary"}]}