CVE-2019-5695
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
NVIDIA GeForce Experience (versiones anteriores a 3.20.1) y Windows GPU Display Driver (todas las versiones), contienen una vulnerabilidad en el componente del proveedor de servicios local en la que un atacante con sistema local y acceso privilegiado puede cargar incorrectamente las DLL del sistema Windows sin comprobar la ruta o la firma (también se conoce como ataque de siembra binaria o de precarga de DLL), lo que puede conllevar a una denegación de servicio o una divulgación de información por medio de una ejecución de código.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-07 CVE Reserved
- 2019-11-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-427: Uncontrolled Search Path Element
CAPEC
References (3)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695 | 2024-08-04 |
URL | Date | SRC |
---|---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/4860 | 2022-01-01 | |
https://nvidia.custhelp.com/app/answers/detail/a_id/4907 | 2022-01-01 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Nvidia Search vendor "Nvidia" | Gpu Driver Search vendor "Nvidia" for product "Gpu Driver" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Nvidia Search vendor "Nvidia" | Geforce Experience Search vendor "Nvidia" for product "Geforce Experience" | < 3.20.1 Search vendor "Nvidia" for product "Geforce Experience" and version " < 3.20.1" | - |
Affected
|