Nvidia exploit could turn render farms into password crackers, bitcoin miners, researchers claim

A flaw in Nvidia Mental Ray software can be exploited to compromise server clusters used for 3D rendering, researchers from ReVuln said

Nvidia's Mental Ray high-performance 3D rendering software has a vulnerability that could be exploited to compromise clusters of specialized computers called render farms, according to researchers from ReVuln.

"There is a vulnerability affecting NVIDIA mental ray (raysat) version 3.11.1.10, which allows a malicious user to load arbitrary DLLs on a victim system, thus an attacker can take control over a whole render farm by simply injecting a malicious remote library," said Luigi Auriemma and Donato Ferrante, security researchers and founders of Malta-based vulnerability research ReVuln, Tuesday in a research paper.

The Nvidia Mental Ray can use CUDA-enabled consumer or professional GPUs like the Nvidia GeForce, Quadro, and Tesla models for parallel rendering. It's commonly used in the film industry for CGI (computer-generated imagery) effects, but also in industries that rely on computer-aided design (CAD).

Mental Ray is available as a stand-alone application for Windows, Mac and Linux that can be installed and used on dedicated render machines. However, it is also integrated into third-party software like Autodesk 3ds Max, Autodesk Maya, Cinema 4D and others.

A render farm's computing power varies depending on its size. Industrial Light & Magic, an American visual effects company, used a render farm with access to 5,700 processor cores when it worked on the Transformers 2 movie in 2009.

On Windows, Nvidia Mental Ray runs as a system service and listens for incoming connections on port 7520, the ReVuln researchers said. To exploit the vulnerability an attacker just needs to send a malicious packet to the affected systems from a compromised computer on the same network, they said.

Post-exploitation scenarios could include using compromised render farms for password cracking or mining bitcoins, since both tasks can be distributed across many GPUs, the researchers said.

An example of a malicious packet that triggers the vulnerability in the Mental Ray software was included in ReVuln's research paper, but the company did not report the issue to Nvidia. ReVuln discloses the vulnerabilities found by its researchers publicly or sells the information to third parties through a subscription-based vulnerability intelligence service.

Nvidia did not immediately respond to a request for comment.

Tags serverssecurityReVulnhardware systemsnvidiaExploits / vulnerabilities

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Management Solutions

Endpoint Security Management

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.