A security vulnerability in Nvidia mental ray, a high performance 3D rendering software allows hackers to take control of an entire "render farm", says security researchers at ReVuln.
A Render farm is a cluster of specialized computers designed for rendering images, typically used for creating visual effects in films. Render farms have high computational capability.
The mental ray is available as stand alone software and also embedded into popular software like AutoCAD, Autodesk 3ds Max, Autodesk Maya, Cinema 4D, Domus3D.
By just sending a malicious packet to the target machine, a hacker can load arbitrary DLLs on a victim's machine; Injecting malicious remote library allows attacker to take control of the entire render farm.
The mental ray version 3.11.1.10 is only affected by this vulnerability.
What will you do when you get access to a system that has huge computation capability? A hacker definitely attempt to use it for password cracking or Bitcoin Mining.
You can find the white paper here: http://revuln.com/files/ReVuln_Nvidia_mental_ray.pdf
A Render farm is a cluster of specialized computers designed for rendering images, typically used for creating visual effects in films. Render farms have high computational capability.
The mental ray is available as stand alone software and also embedded into popular software like AutoCAD, Autodesk 3ds Max, Autodesk Maya, Cinema 4D, Domus3D.
By just sending a malicious packet to the target machine, a hacker can load arbitrary DLLs on a victim's machine; Injecting malicious remote library allows attacker to take control of the entire render farm.
The mental ray version 3.11.1.10 is only affected by this vulnerability.
What will you do when you get access to a system that has huge computation capability? A hacker definitely attempt to use it for password cracking or Bitcoin Mining.
You can find the white paper here: http://revuln.com/files/ReVuln_Nvidia_mental_ray.pdf
Dated: Thursday, December 12, 2013
Post a Comment