CVE-2019-5701

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution.

CVSS v3 7.8 HIGH
CVSS v2.0 6.2 MEDIUM

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.2^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 1.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md	Third Party Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/4860	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*

History

01 Jan 2022, 20:12

Type	Values Removed	Values Added
CVSS	v2 : ~~4.4~~ v3 : ~~7.8~~	v2 : 6.2 v3 : 7.8
References	~~(MISC) https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md -~~	(MISC) https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md - Third Party Advisory
CWE	~~CWE-426~~	CWE-427

Information

Published : 2019-11-09 02:15

Updated : 2023-12-10 13:13

NVD link : CVE-2019-5701

Mitre link : CVE-2019-5701

CVE.ORG link : CVE-2019-5701

JSON object : View

Products Affected

nvidia

geforce_experience

CWE

CWE-427

Uncontrolled Search Path Element

{"id": "CVE-2019-5701", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2019-11-09T02:15:12.083", "references": [{"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md", "tags": ["Third Party Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4860", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@nvidia.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution."}, {"lang": "es", "value": "NVIDIA GeForce Experience, todas las versiones anteriores a la versi\u00f3n 3.20.0.118, contiene una vulnerabilidad cuando GameStream est\u00e1 habilitado en el que un atacante con acceso al sistema local puede cargar las DLL del controlador de gr\u00e1ficos Intel sin validar la ruta o la firma (tambi\u00e9n conocida como plantaci\u00f3n binaria o precarga de DLL ataque), que puede conducir a la denegaci\u00f3n de servicio, divulgaci\u00f3n de informaci\u00f3n o escalada de privilegios a trav\u00e9s de la ejecuci\u00f3n del c\u00f3digo."}], "lastModified": "2022-01-01T20:12:03.457", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86CE60CF-70D1-4715-9FCD-06705DD82690", "versionEndExcluding": "3.20.0.118"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@nvidia.com"}