• Home
  • |
  • Blog
  • |
  • How To Fix CVE‑2022‑21817- A CORS Vulnerability In NVIDIA Omniverse Launcher App
How to Fix CVE‑2022‑21817- A CORS vulnerability in NVIDIA Omniverse Launcher App

Security researchers recently uncovered a critical vulnerability in the NVIDIA Omniverse Launcher that could allow attackers to exploit CORS vulnerability on the affected versions of the NVIDIA Omniverse Launcher application, leading to privilege escalation and remote access code execution on NVIDIA Omniverse Launcher. The flaw tracked as CVE‑2022‑21817 has a base score of 9.3 in CVSS v3.1. We have created this post to make all NVIDIA Omniverse Launcher users aware of the flaw. In this post, let’s see how to Fix CVE‑2022‑21817- A CORS vulnerability in NVIDIA Omniverse Launcher.

What Is NVIDIA Omniverse Launcher?

This video is published by NVIDIA Omniverse

Omniverse Launcher is an open platform created by NVIDIA for those artistic companies who develop creative virtual assets. This innovative platform is used majorly to build virtual collaboration on creative assets delivered with real-time, physically accurate simulation. It gives opportunities to create the entire VR ecosystem.

Summary Of CVE‑2022‑21817

Cross-Origin Resource Sharing (CORS) vulnerability in NVIDIA Omniverse Launcher allows an unprivileged remote attacker to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.

Associated CVE IDCVE‑2022‑21817
DescriptionA CORS vulnerability in NVIDIA Omniverse Launcher App
Associated ZDI ID
CVSS Score9.3 Critical
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Impact Score5.8
Exploitability Score2.8
Attack Vector (AV)Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)Required
ScopeChanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

How To Fix CVE‑2022‑21817- A CORS Vulnerability In NVIDIA Omniverse Launcher App?

All the versions prior to 1.5.2 are affected by CVE‑2022‑21817 vulnerability. The flaw has been fixed in v1.5.2 and made available for download. We recommend upgrading to the latest available version.

For any queries, please contact NVIDIA Support.

We hope this post will help you know about How to Fix CVE‑2022‑21817- A CORS vulnerability in NVIDIA Omniverse Launcher App. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page in FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

About the author

Arun KL

To know more about me. Follow me on LinkedIn
Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.