"Code Execution Flaws Haunt NVIDIA ChatRTX for Windows"

NVIDIA, the Artificial Intelligence (AI) computing giant, has patched two software flaws in its ChatRTX for Windows app, warning that users are vulnerable to code execution and data tampering attacks. According to NVIDIA, the flaws have a 'high-risk' rating and could be used to launch malicious code through Cross-Site Scripting (XSS) attacks. The security flaws, tracked as CVE-2024-0082 and CVE-2024-0083, impact ChatRTX for Windows 0.2 and earlier versions. NVIDIA ChatRTX for Windows has a UI vulnerability that allows an attacker to cause an XSS error by running malicious scripts in users' browsers. This article continues to discuss the flaws patched in ChatRTX for Windows.

SecurityWeek reports "Code Execution Flaws Haunt NVIDIA ChatRTX for Windows"

Submitted by grigby1