A vulnerability in Nvidia mental ray, an extremely popular 3D-rendering software that is often used on “render farms”, could allow attackers to take control of said farms, and use their massive computational power for their own nefarious purposes.
Render farms – groups of networked computers dedicated to rendering images for projects like computer-animated films – usually consist of hundreds and often thousands of processor cores, all grinding out animations that the master computer instructs them to work on.
Unfortunately, if they use NVIDIA mental ray version 18.104.22.168 or earlier, the vulnerability discovered by ReVuln researchers Luigi Auriemma and Donato Ferrante makes them open to attack.
Used both as a standalone product and embedded into popular content creation apps, the NVIDIA mental ray is a system service, and it keeps open a specific TCP port (7520 in newer versions of the software) on which it waits for incoming connections.
And it’s to this port that attackers can send a specific malicious packet (included in the paper) and trigger the vulnerability, allowing them to load arbitrary DLLs on a victim system and, thusly, take control over the entire rendering farm.
The farm can then be surreptitiously used to perform password hacking (brute-forcing) on a large scale, or event for Bitcoin mining.
The researchers pointed out that the vulnerability affects both the 32-bit and 64-bit version of the software, but that there are other issues that need to be addressed as well. They also admitted that they haven’t reported this vulnerability to the vendor, but haven’t explained why.
Conversely, ReVuln is in the business of finding and selling vulnerability information to paying third parties.