NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/4907 | Patch Vendor Advisory |
https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
01 Jan 2022, 20:11
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695 - Exploit, Third Party Advisory | |
CWE | CWE-427 |
Information
Published : 2019-11-09 02:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-5694
Mitre link : CVE-2019-5694
CVE.ORG link : CVE-2019-5694
JSON object : View
Products Affected
microsoft
- windows
nvidia
- gpu_driver
CWE
CWE-427
Uncontrolled Search Path Element