Discover Vulnerable NVIDIA Drivers in Your IT Estate
Nvidia released a new security bulletin detailing 11 new vulnerabilities in their display drivers for Geforce, RTX, Quadro, and Tesla graphics cards. The vulnerabilities have CVSS base scores ranging from 7.8 down to 5.5 and can lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. You can find more information about the different vulnerabilities in the Nvidia August 2022 driver vulnerability blog post.
Nvidia GPU Display Driver Vulnerability Query
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.Version,
tblAssets.SP,
tblVideoController.Caption as GPU,
SubString(NvidiaAssets.DriverVersion, 0, Len(NvidiaAssets.DriverVersion) -
1) + '.' + SubString(NvidiaAssets.DriverVersion,
Len(NvidiaAssets.DriverVersion) - 1, Len(NvidiaAssets.DriverVersion)) As
[Driver Version],
Case
When tblVideoController.Caption Like '%geforce%' And
NvidiaAssets.DriverVersion Between 51500 And 51693 Then '516.94'
When tblVideoController.Caption Like '%geforce%' And
NvidiaAssets.DriverVersion Between 47000 And 47380 Then '473.81'
When (tblVideoController.Caption Like '%RTX%A%' Or
tblVideoController.Caption Like '%quadro%' Or
tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 51500 And 51693 Then '516.94'
When (tblVideoController.Caption Like '%RTX%A%' Or
tblVideoController.Caption Like '%quadro%' Or
tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 51000 And 51345 Then '513.46'
When (tblVideoController.Caption Like '%RTX%A%' Or
tblVideoController.Caption Like '%quadro%' Or
tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 47000 And 47380 Then '473.81'
When tblVideoController.Caption Like '%tesla%' And
NvidiaAssets.DriverVersion Between 51500 And 51693 Then '516.94'
When tblVideoController.Caption Like '%tesla%' And
NvidiaAssets.DriverVersion Between 51000 And 51345 Then '513.46'
When tblVideoController.Caption Like '%tesla%' And
NvidiaAssets.DriverVersion Between 47000 And 47380 Then '473.81'
When tblVideoController.Caption Like '%tesla%' And
NvidiaAssets.DriverVersion Between 45000 And 45363 Then '453.64'
End As [Recommended Driver Version],
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Inner Join tblVideoController On
tblAssets.AssetID = tblVideoController.AssetID
Left Join (Select Top 1000000 tblAssets.AssetID,
Right(Convert(bigint,Replace(tblVideoController.DriverVersion, '.', '')),
5) As DriverVersion,
tblVideoController.Caption
From tblAssets
Inner Join tblVideoController On
tblAssets.AssetID = tblVideoController.AssetID
Where tblVideoController.Caption Like '%Nvidia%') As NvidiaAssets On
NvidiaAssets.AssetID = tblAssets.AssetID
Where (tblVideoController.Caption Like '%geforce%' Or
tblVideoController.Caption Like '%quadro%' Or
tblVideoController.Caption Like '%NVS%' Or tblVideoController.Caption Like
'%tesla%' Or tblVideoController.Caption Like '%RTX%A%') And
tblVideoController.DriverVersion Is Not Null And tblAssetCustom.State = 1
and ((tblVideoController.Caption Like '%geforce%' And
NvidiaAssets.DriverVersion Between 51500 And 51693) or
(tblVideoController.Caption Like '%geforce%' And
NvidiaAssets.DriverVersion Between 47000 And 47380) or
((tblVideoController.Caption Like '%RTX%A%' Or
tblVideoController.Caption Like '%quadro%' Or
tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 51500 And 51693) or
((tblVideoController.Caption Like '%RTX%A%' Or
tblVideoController.Caption Like '%quadro%' Or
tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 51000 And 51345) or
((tblVideoController.Caption Like '%RTX%A%' Or
tblVideoController.Caption Like '%quadro%' Or
tblVideoController.Caption Like '%NVS%') And
NvidiaAssets.DriverVersion Between 47000 And 47380) or
(tblVideoController.Caption Like '%tesla%' And
NvidiaAssets.DriverVersion Between 51500 And 51693) or
(tblVideoController.Caption Like '%tesla%' And
NvidiaAssets.DriverVersion Between 51000 And 51345) or
(tblVideoController.Caption Like '%tesla%' And
NvidiaAssets.DriverVersion Between 47000 And 47380) or
(tblVideoController.Caption Like '%tesla%' And
NvidiaAssets.DriverVersion Between 45000 And 45363))
Order By tblAssets.Domain,
tblAssets.AssetName