CVE-2021-23175
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream.
NVIDIA GeForce Experience contiene una vulnerabilidad en la autorización de usuarios, en la que GameStream no aplica correctamente los controles de acceso individuales para los usuarios del mismo dispositivo, lo que, con la intervención del usuario, puede conllevar a una escalada de privilegios, divulgación de información, manipulación de datos y denegación de servicio, afectando a otros recursos más allá de la autoridad de seguridad prevista de GameStream
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-12-09 CVE Reserved
- 2021-12-23 CVE Published
- 2023-07-16 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-863: Incorrect Authorization
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5295 | 2022-01-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Nvidia Search vendor "Nvidia" | Geforce Experience Search vendor "Nvidia" for product "Geforce Experience" | < 3.24.0.126 Search vendor "Nvidia" for product "Geforce Experience" and version " < 3.24.0.126" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|