Nvidia exploit could turn render farms into password crackers, bitcoin miners, researchers claim
Nvidia’s Mental Ray high-performance 3D-rendering software has a vulnerability that could be exploited to compromise clusters of specialized computers called render farms, according to researchers from ReVuln.
”There is a vulnerability affecting Nvidia mental ray (raysat) version 3.11.1.10, which allows a malicious user to load arbitrary DLLs on a victim system, thus an attacker can take control over a whole render farm by simply injecting a malicious remote library,” said Luigi Auriemma and Donato Ferrante, security researchers and founders of Malta-based vulnerability research ReVuln, Tuesday in a research paper.
The Nvidia Mental Ray can use CUDA-enabled consumer or professional GPUs like the Nvidia GeForce, Quadro, and Tesla models for parallel rendering. It’s commonly used in the film industry for CGI (computer-generated imagery) effects, but also in industries that rely on computer-aided design (CAD).