March 28, 2024 at 11:41AM
Nvidia’s AI-powered ChatRTX app, launched six weeks ago, has received patches for two security vulnerabilities, including privilege escalation and remote code execution. Users can update to version 0.2 to address the flaws, rated at medium (CVE‑2024‑0083) and high (CVE‑2024‑0082) severity levels. Nvidia advises users to consider a complete reinstallation for maximum safety.
From the meeting notes, it is clear that Nvidia’s AI-powered ChatRTX app has encountered security vulnerabilities. The vulnerabilities, designated CVE‑2024‑0082 and CVE‑2024‑0083, have been addressed through patches in the latest version, 0.2.
The vulnerabilities in earlier versions of the ChatRTX app included risks such as privilege escalation, data stealing, data tampering, and remote code execution (RCE). While the security scores for these vulnerabilities were moderate, the potential for exploitation of privilege escalation and RCE poses significant risks to users.
It is recommended that all users update to version 0.2 of ChatRTX to mitigate these security issues. However, Nvidia’s messaging about the version numbers of the last affected version and the updated version being both 0.2 may cause confusion, so users may want to consider reinstalling the app entirely for added safety. Additionally, it is mentioned that Nvidia is being contacted for further comments on these vulnerabilities.