List all assets which are vulnerable to the Nvidia GPU display driver vulnerability. Assets with outdated drivers will be vulnerable to three critical security issues, CVE-2019-5675, CVE-2019-5676, and CVE-2019-5677. The audit below provides an overview of all assets with an Nvidia GPU and whether they are vulnerable or not. Find more info about this exploit in our blogpost.
Nvidia GPU Display Driver Vulnerability Query
Select Distinct Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tblVideoController.Caption,
tblVideoController.DriverVersion,
Case
When (tblVideoController.Caption Like '%geforce%' And
NvidiaAssets.DriverVersion BETWEEN 2621143000 and 2621143063) Or
((tblVideoController.Caption Like '%Quadro%' Or tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 2621143000 and 2621143063) Or ((tblVideoController.Caption Like '%Quadro%' Or tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 2521141800 and 2521142550) Or ((tblVideoController.Caption Like '%Quadro%' Or tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 2421141163 and 2421141235) Or ((tblVideoController.Caption Like '%Quadro%' Or tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 2321139065 and 2321139238) Then 'Vulnerable'
When (tblVideoController.Caption Like '%tesla%' And NvidiaAssets.DriverVersion Between 2521141800 and 2521142524)
Or (tblVideoController.Caption Like '%tesla%' And NvidiaAssets.DriverVersion Between 2421141163 and 2421141235) Then 'Vulnerable'
Else 'Safe'
End As [Vulnerable/Safe],
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
Case
When (tblVideoController.Caption Like '%geforce%' And
NvidiaAssets.DriverVersion BETWEEN 2621143000 and 2621143063) Or
((tblVideoController.Caption Like '%Quadro%' Or tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 2621143000 and 2621143063) Or ((tblVideoController.Caption Like '%Quadro%' Or tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 2521141800 and 2521142550) Or ((tblVideoController.Caption Like '%Quadro%' Or tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 2421141163 and 2421141235) Or ((tblVideoController.Caption Like '%Quadro%' Or tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 2321139065 and 2321139238) Then '#ffadad'
When (tblVideoController.Caption Like '%tesla%' And NvidiaAssets.DriverVersion Between 2521141800 and 2521142524)
Or (tblVideoController.Caption Like '%tesla%' And NvidiaAssets.DriverVersion Between 2421141163 and 2421141235) Then '#ffadad'
Else '#d4f4be'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tblVideoController On
tblAssets.AssetID = tblVideoController.AssetID
Left Join (Select Top 1000000 tblAssets.AssetID,
Convert(bigint,Replace(tblVideoController.DriverVersion, '.',
'')) As DriverVersion,
tblVideoController.Caption
From tblAssets
Inner Join tblVideoController On tblAssets.AssetID =
tblVideoController.AssetID
Where tblVideoController.Caption Like '%Nvidia%') As NvidiaAssets On
NvidiaAssets.AssetID = tblAssets.AssetID
Where (tblVideoController.Caption Like '%geforce%' Or
tblVideoController.Caption Like '%quadro%' Or
tblVideoController.Caption Like '%NVS%' Or tblVideoController.Caption Like
'%tesla%') And tblVideoController.DriverVersion Is Not Null And
tblAssetCustom.State = 1
Order By tblAssets.Domain,
tblAssets.AssetName