NVIDIA Omniverse Launcher Cross-Origin Resource Sharing (CORS) Vulnerability

NVIDIA Omniverse Launcher Cross-Origin Resource Sharing (CORS) Vulnerability

CVE-2022-21817 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.

Learn more about our User Device Pen Test.