{"api_version":"1","generated_at":"2026-04-23T08:40:02+00:00","cve":"CVE-2022-28182","urls":{"html":"https://cve.report/CVE-2022-28182","api":"https://cve.report/api/cve/CVE-2022-28182.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-28182","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-28182"},"summary":{"title":"CVE-2022-28182","description":"NVIDIA GPU Display Driver for Windows contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), where an unauthorized attacker on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution to cause denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.","state":"PUBLIC","assigner":"psirt@nvidia.com","published_at":"2022-05-17 20:15:00","updated_at":"2022-05-26 19:04:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5353","name":"https://nvidia.custhelp.com/app/answers/detail/a_id/5353","refsource":"MISC","tags":[],"title":"Security Bulletin: NVIDIA GPU Display Driver - May 2022 | NVIDIA","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-28182","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28182","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"28182","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"28182","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nvidia","cpe5":"gpu_display_driver","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"28182","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nvidia","cpe5":"virtual_gpu","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"28182","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nvidia","cpe5":"virtual_gpu","cpe6":"14.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-28182","qid":"376609","title":"NVIDIA GPU Display Driver Multiple Vulnerabilities (May 2022)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@nvidia.com","ID":"CVE-2022-28182","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"NVIDIA GPU Display Driver","version":{"version_data":[{"version_value":"All GPU Driver versions for Windows"}]}}]},"vendor_name":"NVIDIA"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"NVIDIA GPU Display Driver for Windows contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), where an unauthorized attacker on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution to cause denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components."}]},"impact":{"cvss":{"baseScore":8.5,"baseSeverity":"High","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-787 Out-of-bounds Write"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5353","name":"https://nvidia.custhelp.com/app/answers/detail/a_id/5353"}]}},"nvd":{"publishedDate":"2022-05-17 20:15:00","lastModifiedDate":"2022-05-26 19:04:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.5,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.8","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}