Join the Cyber Forum: Threat Intel on May 12, 2026 to learn how AI is reshaping threat defense.Join the Virtual Cyber Forum: Threat IntelRegister Now
Experiencing a Breach?Blog
Get StartedContact Us
SentinelOne
  • Platform
    Platform Overview
    • Singularity Platform
      Welcome to Integrated Enterprise Security
    • AI for Security
      Leading the Way in AI-Powered Security Solutions
    • Securing AI
      Accelerate AI Adoption with Secure AI Tools, Apps, and Agents.
    • How It Works
      The Singularity XDR Difference
    • Singularity Marketplace
      One-Click Integrations to Unlock the Power of XDR
    • Pricing & Packaging
      Comparisons and Guidance at a Glance
    Data & AI
    • Purple AI
      Accelerate SecOps with Generative AI
    • Singularity Hyperautomation
      Easily Automate Security Processes
    • AI-SIEM
      The AI SIEM for the Autonomous SOC
    • AI Data Pipelines
      Security Data Pipeline for AI SIEM and Data Optimization
    • Singularity Data Lake
      AI-Powered, Unified Data Lake
    • Singularity Data Lake for Log Analytics
      Seamlessly Ingest Data from On-Prem, Cloud or Hybrid Environments
    Endpoint Security
    • Singularity Endpoint
      Autonomous Prevention, Detection, and Response
    • Singularity XDR
      Native & Open Protection, Detection, and Response
    • Singularity RemoteOps Forensics
      Orchestrate Forensics at Scale
    • Singularity Threat Intelligence
      Comprehensive Adversary Intelligence
    • Singularity Vulnerability Management
      Application & OS Vulnerability Management
    • Singularity Identity
      Identity Threat Detection and Response
    Cloud Security
    • Singularity Cloud Security
      Block Attacks with an AI-Powered CNAPP
    • Singularity Cloud Native Security
      Secure Cloud and Development Resources
    • Singularity Cloud Workload Security
      Real-Time Cloud Workload Protection Platform
    • Singularity Cloud Data Security
      AI-Powered Threat Detection for Cloud Storage
    • Singularity Cloud Security Posture Management
      Detect and Remediate Cloud Misconfigurations
    Securing AI
    • Prompt Security
      Secure AI Tools Across Your Enterprise
  • Why SentinelOne?
    Why SentinelOne?
    • Why SentinelOne?
      Cybersecurity Built for What’s Next
    • Our Customers
      Trusted by the World’s Leading Enterprises
    • Industry Recognition
      Tested and Proven by the Experts
    • About Us
      The Industry Leader in Autonomous Cybersecurity
    Compare SentinelOne
    • Arctic Wolf
    • Broadcom
    • CrowdStrike
    • Cybereason
    • Microsoft
    • Palo Alto Networks
    • Sophos
    • Splunk
    • Trellix
    • Trend Micro
    • Wiz
    Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
    • State and Local Government
  • Services
    Managed Services
    • Managed Services Overview
      Wayfinder Threat Detection & Response
    • Threat Hunting
      World-Class Expertise and Threat Intelligence
    • Managed Detection & Response
      24/7/365 Expert MDR Across Your Entire Environment
    • Incident Readiness & Response
      DFIR, Breach Readiness, & Compromise Assessments
    Support, Deployment, & Health
    • Technical Account Management
      Customer Success with Personalized Service
    • SentinelOne GO
      Guided Onboarding & Deployment Advisory
    • SentinelOne University
      Live and On-Demand Training
    • Services Overview
      Comprehensive Solutions for Seamless Security Operations
    • SentinelOne Community
      Community Login
  • Partners
    Our Network
    • MSSP Partners
      Succeed Faster with SentinelOne
    • Singularity Marketplace
      Extend the Power of S1 Technology
    • Cyber Risk Partners
      Enlist Pro Response and Advisory Teams
    • Technology Alliances
      Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS
      Hosted in AWS Regions Around the World
    • Channel Partners
      Deliver the Right Solutions, Together
    • SentinelOne for Google Cloud
      Unified, Autonomous Security Giving Defenders the Advantage at Global Scale
    • Partner Locator
      Your Go-to Source for Our Top Partners in Your Region
    Partner Portal→
  • Resources
    Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • Whitepapers
    • Events
    View All Resources→
    Blog
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog→
    Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
  • About
    About SentinelOne
    • About SentinelOne
      The Industry Leader in Cybersecurity
    • Investor Relations
      Financial Information & Events
    • SentinelLABS
      Threat Research for the Modern Threat Hunter
    • Careers
      The Latest Job Opportunities
    • Press & News
      Company Announcements
    • Cybersecurity Blog
      The Latest Cybersecurity Threats, News, & More
    • FAQ
      Get Answers to Our Most Frequently Asked Questions
    • DataSet
      The Live Data Platform
    • S Foundation
      Securing a Safer Future for All
    • S Ventures
      Investing in the Next Generation of Security, Data and AI
  • Pricing
Get StartedContact Us
CVE Vulnerability Database
Vulnerability Database/CVE-2024-0138

CVE-2024-0138: NVIDIA Base Command Manager Auth Bypass

CVE-2024-0138 is an authentication bypass flaw in NVIDIA Base Command Manager's CMDaemon component that enables code execution, privilege escalation, and data tampering. This article covers technical details, impact, and mitigation.

Updated: January 22, 2026

CVE-2024-0138 Overview

CVE-2024-0138 is a critical missing authentication vulnerability discovered in NVIDIA Base Command Manager's CMDaemon component. This authentication bypass flaw allows unauthenticated attackers to interact with the CMDaemon service remotely without providing valid credentials. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Critical Impact

This vulnerability enables unauthenticated remote attackers to potentially execute arbitrary code, escalate privileges, and compromise the integrity and confidentiality of systems running NVIDIA Base Command Manager.

Affected Products

  • NVIDIA Base Command Manager (CMDaemon component)

Discovery Timeline

  • 2024-11-23 - CVE-2024-0138 published to NVD
  • 2024-11-23 - Last updated in NVD database

Technical Details for CVE-2024-0138

Vulnerability Analysis

This vulnerability represents a fundamental security control failure in the CMDaemon component of NVIDIA Base Command Manager. The weakness is classified as CWE-862 (Missing Authorization), where the affected component fails to properly authenticate incoming requests before processing them. This allows attackers to bypass authentication mechanisms entirely and interact with the daemon as if they were legitimate, authorized users.

The CMDaemon component is a critical service within NVIDIA Base Command Manager, which is used for managing high-performance computing (HPC) infrastructure and AI workloads. Without proper authentication controls, an attacker with network access to the service can potentially execute privileged operations, access sensitive configuration data, or disrupt service availability.

Root Cause

The root cause of CVE-2024-0138 is the absence of authentication checks in the CMDaemon component. When processing incoming requests, the daemon fails to verify whether the requester has provided valid authentication credentials or has been properly authorized to perform the requested action. This represents a violation of the principle of secure defaults, where security-critical services should deny access by default unless proper authentication is provided.

Attack Vector

The vulnerability is exploitable over the network without requiring any authentication or user interaction. An attacker who can reach the CMDaemon service over the network can craft requests to the service that will be processed without authentication verification. Depending on the functionality exposed by the daemon, this could allow:

  • Remote Code Execution: Executing arbitrary commands or code on the target system
  • Privilege Escalation: Gaining elevated privileges within the Base Command Manager environment
  • Information Disclosure: Accessing sensitive configuration data, credentials, or operational information
  • Data Tampering: Modifying configurations or data managed by the service
  • Denial of Service: Disrupting the availability of the Base Command Manager infrastructure

The attack requires network connectivity to the vulnerable CMDaemon service but does not require any prior access, credentials, or user interaction, making it highly exploitable in environments where the service is network-accessible.

Detection Methods for CVE-2024-0138

Indicators of Compromise

  • Unusual or unexpected connections to the CMDaemon service from unauthorized IP addresses
  • Authentication-less requests to the CMDaemon port in network traffic logs
  • Unexpected configuration changes or command executions in Base Command Manager audit logs
  • Process spawning or system modifications originating from the CMDaemon service

Detection Strategies

  • Monitor network traffic to CMDaemon for unauthenticated connection attempts or requests lacking proper authentication headers
  • Implement intrusion detection rules to alert on traffic patterns consistent with exploitation attempts
  • Review Base Command Manager logs for unauthorized administrative actions or configuration changes
  • Deploy SentinelOne endpoint protection to detect post-exploitation activities such as unauthorized code execution or privilege escalation

Monitoring Recommendations

  • Enable verbose logging on the CMDaemon component to capture all incoming requests and their authentication status
  • Implement network segmentation monitoring to detect unauthorized access attempts to management interfaces
  • Configure alerting for any Base Command Manager administrative actions performed without corresponding legitimate user sessions

How to Mitigate CVE-2024-0138

Immediate Actions Required

  • Restrict network access to the CMDaemon service using firewall rules, allowing only trusted management hosts
  • Implement network segmentation to isolate Base Command Manager infrastructure from untrusted networks
  • Monitor systems running NVIDIA Base Command Manager for signs of compromise
  • Apply vendor patches as soon as they become available

Patch Information

NVIDIA has released a security bulletin addressing this vulnerability. Organizations should consult the NVIDIA Support Article for detailed patch information and remediation guidance. It is critical to apply the vendor-provided updates to affected Base Command Manager installations as soon as possible to eliminate the authentication bypass vulnerability.

Workarounds

  • Implement strict network access controls to limit connectivity to the CMDaemon service to only authorized management systems
  • Deploy a VPN or jump host requirement for accessing the Base Command Manager infrastructure
  • Use host-based firewall rules on affected systems to restrict incoming connections to trusted IP addresses only
  • Consider temporarily disabling the CMDaemon service if it is not immediately required while awaiting patches
bash
# Example: Restrict CMDaemon access using iptables
# Replace <TRUSTED_IP> with your management network or host IP

# Drop all incoming connections to CMDaemon port by default
iptables -A INPUT -p tcp --dport <CMDAEMON_PORT> -j DROP

# Allow connections only from trusted management hosts
iptables -I INPUT -p tcp --dport <CMDAEMON_PORT> -s <TRUSTED_IP> -j ACCEPT

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

  • Vulnerability Details
  • TypeAuth Bypass
  • Vendor/TechNvidia
  • SeverityCRITICAL
  • CVSS Score9.8
  • EPSS Probability0.08%
  • Known ExploitedNo
  • CVSS Vector
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Impact Assessment
  • ConfidentialityLow
  • IntegrityNone
  • AvailabilityHigh
  • CWE References
  • CWE-862
  • Technical References
  • Nvidia Support Article
  • Related CVEs
  • CVE-2026-24177: NVIDIA KAI Scheduler Auth Bypass Flaw
  • CVE-2026-24176: NVIDIA KAI Scheduler Auth Bypass Flaw
  • CVE-2026-24241: NVIDIA Delegated Licensing Auth Bypass
  • CVE-2026-24156: NVIDIA DALI RCE Vulnerability
Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.

Try SentinelOne
  • Get Started
  • Get a Demo
  • Product Tour
  • Why SentinelOne
  • Pricing & Packaging
  • FAQ
  • Contact
  • Contact Us
  • Customer Support
  • SentinelOne Status
  • Language
  • Platform
  • Singularity Platform
  • Singularity Endpoint
  • Singularity Cloud
  • Singularity AI-SIEM
  • Singularity Identity
  • Singularity Marketplace
  • Purple AI
  • Services
  • Wayfinder TDR
  • SentinelOne GO
  • Technical Account Management
  • Support Services
  • Verticals
  • Energy
  • Federal Government
  • Finance
  • Healthcare
  • Higher Education
  • K-12 Education
  • Manufacturing
  • Retail
  • State and Local Government
  • Cybersecurity for SMB
  • Resources
  • Blog
  • Labs
  • Case Studies
  • Videos
  • Product Tours
  • Events
  • Cybersecurity 101
  • eBooks
  • Webinars
  • Whitepapers
  • Press
  • News
  • Ransomware Anthology
  • Company
  • About Us
  • Our Customers
  • Careers
  • Partners
  • Legal & Compliance
  • Security & Compliance
  • Investor Relations
  • S Foundation
  • S Ventures

©2026 SentinelOne, All Rights Reserved.

Privacy Notice Terms of Use

English