Nvidia's ChatRTX AI had serious vulnerabilities but the chipmaker patched them swiftly
Attackers exploiting these vulnerabilities could have taken control of your PC
2 min. read
Published on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Ai has become the ultimate tool for cyberattacks, but if they are installed locally on your PC, they can become as vulnerable as any other app.
ChatRTX in Nvidia’s approach to a ChatGPT-like bot. You can install it on your PC if you have 16 GB of RAM and 35 GB of storage, and NVIDIA GeForce RTX 30 or 40 Series GPU, or NVIDIA RTX Ampere or Ada Generation GPU with at least 8GB of VRAM.
The bot is pretty powerful because you can select the LLM of your choice, but recently, according to Nvidia’s security bulletin, the tool had two vulnerabilities.
ChatRTX AI had pretty severe vulnerabilities
CVE‑2024‑0082 (CWE-269) was a high severity vulnerability which exploited could have led to local escalation of privileges, information disclosure, and data tampering.
The other vulnerability, CVE‑2024‑0083 (CWE-79) was medium severity and it addressed a scripting error, allowing the potential attacker to run malicious scripts in your browser. The wrongdoer could then execute code and steal the information from your PC.
However, we have good news because Nvidia says that the vulnerabilities were not exploited and that they patched them in the latest version of ChatRTX 0.2. So, if you didn’t update the app, now it’s time to do so. You may also uninstall it completely and install the latest version from Nvidia’s dedicated webpage.
It’s also worth mentioning that ChatRTX is still in the Beta stage and Nvidia didn’t disclosed a date for the stable version of the app.
Read more about it here. Did you update ChatRTX to the latest version? Tell us if you’ve had any problems in the comments section below.
User forum
0 messages