Using a vulnerability in Mental Ray, a high-end 3D-rendering software from NVIDIA, an attacker could exploit the processing power of thousands of servers used for rendering digital images to malicious ends, according to a recently published paper from researchers at ReVuln. With the computing resources of a compromised render farm, a malicious party could carry out processing-intensive tasks like password cracking and bitcoin mining to great effect, researchers noted.
"There is a vulnerability affecting NVIDIA mental ray (raysat) version 220.127.116.11, which allows a malicious user to load arbitrary DLLs on a victim system, thus an attacker can take control over a whole render farm by simply injecting a malicious remote library," researchers Luigi Auriemma and Donato Ferrante wrote in their paper announcing the vulnerability. "To trigger the remote vulnerability, an attacker needs to send a malicious packet to the affected host (slave)."
Mental Ray is a software used to create high-end visual effects in the film industry, as well as among many architects and designers. It is available as a standalone product and is also integrated with programs such as AutoDesk 3ds Max, AutoDesk Maya and Cinema 4D. Rendering is typically done using render farms, which cluster the computing power of multiple GPU processor cores. Auriemma and Ferrante noted that visual effects firm Industrial Light & Magic used a render farm with 5,700 processor cores during the making of the 2009 movie Transformers 2.
By injecting a malicious DLL packet, an attacker can get this computing power at his or her fingertips, making it easy to carry out massive, resource-intensive tasks like password cracking. The vulnerability was not disclosed to NVIDIA prior to publication, and, according to IDG News Service, the publisher has not yet responded. Such cases, in which a seemingly minor vulnerability can be used to carry out far more sophisticated operations, underscore the importance of building secure software. Using tools such as static analysis software as part of a secure development lifecycle, vendors can avoid comparable exploits and protect both their product's users and the targets of potential attacks that could be carried out via the exploit.
Software news brought to you by Klocwork Inc., dedicated to helping software developers create better code with every keystroke.