Graphics Processing Units in Vulnerable Lane

    In the past, Graphics Processing Unit (GPU) drivers weren’t a typical target for system exploitation, but this has changed in recent years. Many computing applications from desktop to server require more graphics horsepower than ever before and, as such, discrete GPUs are more common than ever. Even laptops are often configured with high-performance GPUs instead of the basic CPU-embedded graphics chipsets of the past. Modern GPUs are highly complicated components requiring complex system drivers to maximize the GPU’s capability.

    As system complexity increases, so does the potential for finding a way to exploit the system. This effect is multiplied because GPU drivers usually run in the highest privilege ring of the system, kernel mode. This week, graphics chip maker Nvidia patched its drivers to fix two high-severity vulnerabilities as well as several lower-severity vulnerabilities.

    The first vulnerability patched by Nvidia this week relates to the Nvidia Control Panel component. This software is bundled as part of the Nvidia graphics driver package and allows for adjusting settings related to the graphics subsystem. The vulnerability, assigned CVE-2020-5962, allows a local attacker to corrupt critical system files, leading to denial of service or escalation of privileges. Little information is available about the vulnerability specifics, but systems running this software should be updated to prevent local attacks against the machine.

    CUDA is a subsystem in Nvidia drivers that allows for non-graphics use of the high-performance processing units for machine learning or artificial intelligence programs. These applications benefit greatly from the highly parallelized nature of graphics hardware and typically use high-end graphics cards for their processing. The second high-severity vulnerability, CVE-2020-5963, is in the CUDA component of the graphics driver. Again, little information is available about the specifics, but the issue appears to stem from a mistake in the access control of the Inter Process Communication (IPC) APIs. This vulnerability could lead to arbitrary code execution from a lower-privilege process in the context of a high-privilege process.

    Other Nvidia vulnerabilities patched this week are classified as medium severity. CVE-2020-5967 and CVE-2020-5965 appear to be similar vulnerabilities in Linux and Windows respectively, which allow for denial of service to the target system. CVE-2020-5964 and CVE-2020-5966 are exclusive to Windows systems and range in severity from denial of service to arbitrary code execution.

    As high-performance GPUs become more common in even basic systems, it is important to verify that your drivers are being updated in a timely fashion.

Sources:
       
https://threatpost.com/nvidia-windows-gamers-graphics-driver-bugs/156911/

https://nvidia.custhelp.com/app/answers/detail/a_id/5031

Netgear Router Vulnerabilities

National Cyber Awareness System:

06/29/2020 03:44 PM EDT
Original release date: June 29, 2020

    Multiple Netgear router models contain vulnerabilities that a remote attacker can exploit to take control of an affected device.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to update to the most recent firmware version and to replace end-of-life devices that are no longer supported with security patches. Given the increase in telework, CISA recommends that CISOs consider the risk that these vulnerabilities present to business networks.

See the following products for additional information.

DNS Vulnerability – CVSS Score of 10

Microsoft has released a critical patch impacting all Windows Server operating system versions with the DNS role installed. The affected operating systems are: 2003 – 2019.

This vulnerability has a significant risk of being exploited, and if an attacker successfully exploited it, they could run arbitrary code in the context of the Local System Account. As most organizations install the DNS Server role on their Domain Controller, the attacker would gain full control of a Domain Controller. Once the attacker has full control of the Domain Controller, lateral movement to any domain-joined system is possible.

https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/

There are no known uses of this in the wild. It is highly recommended that you patch all Windows DNS servers (internal and external) that you may own as soon as possible.

WHAT YOU NEED TO DO

To secure your environment, complete the following steps as soon as possible.

  1. IDENTIFY – All Windows DNS servers in your environment, both internal and external. You can use PowerShell to help.
  2. TEST – The applicable monthly servicing stack and cumulative update for the server operating system.
  3. DEPLOY – The applicable patch to all DNS servers in your environment as soon as possible.
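
One way to carry out the IDENTIFY step with PowerShell, as an added example that is not part of the original bulletin. It assumes the RSAT ActiveDirectory module and remote CIM (WinRM) access to the servers; the function name Get-DnsServerInventory, the -ExtraServers parameter and the host ns1.example.com are made up for this sketch.

```powershell
# Added example (not from the original bulletin): list Windows servers that run
# the DNS Server service so they can be queued for testing and patching.
# Assumptions: RSAT ActiveDirectory module, remote CIM (WinRM) access.
# Get-DnsServerInventory and -ExtraServers are hypothetical names.
Import-Module ActiveDirectory

function Get-DnsServerInventory {
    param(
        # Standalone or external DNS hosts that are not joined to the domain.
        [string[]]$ExtraServers = @()
    )

    # Domain-joined candidates: every enabled computer account with a server OS.
    $adServers = Get-ADComputer -Filter 'Enabled -eq $true -and OperatingSystem -like "*Server*"' |
        Select-Object -ExpandProperty DNSHostName

    $targets = @($adServers) + $ExtraServers | Where-Object { $_ } | Sort-Object -Unique

    foreach ($name in $targets) {
        try {
            # The DNS Server role runs as the Windows service named "DNS".
            $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='DNS'" -ComputerName $name -ErrorAction Stop
            if (-not $svc) { continue }   # reachable, but no DNS role on this host

            $os = Get-CimInstance -ClassName Win32_OperatingSystem -ComputerName $name -ErrorAction Stop
            # Most recent update with a recorded install date, to compare with the advisory.
            $lastFix = Get-HotFix -ComputerName $name -ErrorAction SilentlyContinue |
                Where-Object InstalledOn | Sort-Object InstalledOn | Select-Object -Last 1

            [pscustomobject]@{
                Server = $name; OS = $os.Caption; Build = $os.Version
                DnsState = $svc.State; LastHotFix = $lastFix.HotFixID
                InstalledOn = $lastFix.InstalledOn; Status = 'DNS role present'
            }
        }
        catch {
            # Hosts that cannot be queried (older servers without WinRM, firewalled
            # external servers) stay in the output so they are checked by hand.
            [pscustomobject]@{
                Server = $name; OS = $null; Build = $null; DnsState = $null
                LastHotFix = $null; InstalledOn = $null
                Status = "Check manually: $($_.Exception.Message)"
            }
        }
    }
}

# ns1.example.com is a constructed placeholder for an external DNS server.
Get-DnsServerInventory -ExtraServers 'ns1.example.com' | Format-Table -AutoSize
```

Rows marked "Check manually" matter as much as the confirmed ones: the oldest affected versions are the least likely to answer a remote CIM query.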

NIST Releases Draft SP 800-181 Revision 1 for Comment

The National Initiative for Cybersecurity Education (NICE) has released Draft NIST Special Publication (SP) 800-181 Revision 1, Workforce Framework for Cybersecurity (NICE Framework). The NICE Framework is a fundamental reference for describing and sharing information about cybersecurity work in the form of Task Statements and as Work Roles that perform those tasks. In this revision, several updates have been made, including:

  • an updated title to be more inclusive of the variety of workers who perform cybersecurity work,
  • definition and normalization of key terms,
  • principles that facilitate agility, flexibility, interoperability, and modularity,
  • introduction of competencies,
  • and more!

The public comment period is open through August 28, 2020. See the publication details for a copy of the document and instructions for submitting comments.

Outlook Crashing on Launch

Active Investigation into Outlook Crashing on Launch

There is a new symptom of Outlook crashing on launch, starting 7/15. A fix has been published but will take time to propagate to worldwide availability. Outlook will automatically look for the fix on launch, so if this issue persists through multiple launches, please use Outlook Web Access for an hour, then try again.
If this issue persists beyond four hours, please contact Microsoft Support by whichever means works best for you.
  1. You may see an error such as:
    “Outlook couldn’t start last time. Safe mode could help you troubleshoot the problem, but some features might not be available in this mode.
    Do you want to start in Safe Mode?”
  2. In the event viewer you will see a crash event like:
      Faulting application name: OUTLOOK.EXE, version: 16.0.13102.20002, time stamp: 0x5efe7a9e
      Faulting module name: OUTLOOK.EXE, version: 16.0.13102.20002, time stamp: 0x5efe7a9e
      Exception code: 0xc0000005
      Fault offset: 0x00000000001a40fa
      Faulting process id: 0x3f60
      Faulting application start time: 0x01d65ac2602949dd
      Faulting application path: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
      Faulting module path: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
      Report Id: 81a20cc2-6c7f-4635-90ba-54319c3fce75
      Faulting package full name:
      Faulting package-relative application ID:

Microsoft suggests users use web and mobile clients until the issue is resolved.

Title: Users experiencing Outlook connection issues and crashes
User Impact: Users may experience crashes or may be unable to access Exchange Online via Outlook.
More info: Our analysis indicates that Outlook on the web and mobile clients are unaffected. Users may be able to leverage those protocols as an alternative means to access email and service features while we remediate this problem.
Current status: Our initial review of the available data indicates that recently deployed updates are the likely source of the problem. We’re performing an analysis of all recent service updates to isolate the underlying cause of the problem and to determine the most expedient means to restore service.
Scope of impact: This issue may potentially affect any of your users attempting to use Outlook.

You could try the following. Open cmd and run:
      cd "\Program Files\Common Files\microsoft shared\ClickToRun"
then:
      officec2rclient.exe /update user updatetoversion=16.0.12827.20470