CVE-2019-5701
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution.
NVIDIA GeForce Experience, todas las versiones anteriores a la versión 3.20.0.118, contiene una vulnerabilidad cuando GameStream está habilitado en el que un atacante con acceso al sistema local puede cargar las DLL del controlador de gráficos Intel sin validar la ruta o la firma (también conocida como plantación binaria o precarga de DLL ataque), que puede conducir a la denegación de servicio, divulgación de información o escalada de privilegios a través de la ejecución del código.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-07 CVE Reserved
- 2019-11-09 CVE Published
- 2024-04-06 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-427: Uncontrolled Search Path Element
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/4860 | 2022-01-01 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Nvidia Search vendor "Nvidia" | Geforce Experience Search vendor "Nvidia" for product "Geforce Experience" | < 3.20.0.118 Search vendor "Nvidia" for product "Geforce Experience" and version " < 3.20.0.118" | - |
Affected
|