Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-1074PUBLISHED: 2021-04-21
NVIDIA Windows GPU Display Driver for Windows, R390 driver branch, contains a vulnerability in its installer where an attacker with local system access may replace an application resource with malicious files. Such an attack may lead to code execution, escalation of privileges, denial of service, or...
CVE-2021-1075PUBLISHED: 2021-04-21
NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of se...
CVE-2021-1076PUBLISHED: 2021-04-21NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.
CVE-2021-1077PUBLISHED: 2021-04-21NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.
CVE-2021-1078PUBLISHED: 2021-04-21NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash.
User Rank: Strategist
6/5/2015 | 3:44:39 PM
If you look at the EINSTEIN system, it possible to see that it has been developed to detect cyber threats.
Looking at the system last evolution we can see that EINSTEIN 3 system adds an IPS to improve it's capabilities:
"The intrusion prevention capability (IPS) builds upon the previous versions by adding the ability to block and disable attempted intrusions before any harm is done."
I think the IPS feature has to be developed again.
EINSTEIN reference "Cross Agency Priority Goal: Cybersecurity FY2013 Q4 Status Update"