CVE-2020-5962

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

CVSS v3 7.8 HIGH
CVSS v2.0 4.6 MEDIUM

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5031	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:nvidia:quadro_firmware::::::::
	cpe:2.3:o:nvidia:quadro_firmware::::::::
	cpe:2.3:o:nvidia:quadro_firmware::::::::
	cpe:2.3:o:nvidia:quadro_firmware::::::::

cpe:2.3:h:nvidia:quadro:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:nvidia:geforce_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:nvidia:tesla_firmware::::::::
	cpe:2.3:o:nvidia:tesla_firmware::::::::

cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:nvidia:nvs_firmware::::::::
	cpe:2.3:o:nvidia:nvs_firmware::::::::
	cpe:2.3:o:nvidia:nvs_firmware::::::::
	cpe:2.3:o:nvidia:nvs_firmware::::::::

cpe:2.3:h:nvidia:nvs:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-06-24 20:15

Updated : 2023-12-10 13:27

NVD link : CVE-2020-5962

Mitre link : CVE-2020-5962

CVE.ORG link : CVE-2020-5962

JSON object : View

Products Affected

nvidia

nvs_firmware
tesla
nvs
geforce
geforce_firmware
quadro
quadro_firmware
tesla_firmware

CWE

NVD-CWE-noinfo

{"id": "CVE-2020-5962", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-06-24T20:15:10.407", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5031", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges."}, {"lang": "es", "value": "NVIDIA Windows GPU Display Driver, todas las versiones, contiene una vulnerabilidad en el componente NVIDIA Control Panel, en el que un atacante con acceso al sistema local puede da\u00f1ar un archivo de sistema, que puede conllevar a una denegaci\u00f3n de servicio o una escalada de privilegios"}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:quadro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F3BB4C3-E77E-4841-A436-E9033FEE5011", "versionEndExcluding": "392.61", "versionStartIncluding": "390"}, {"criteria": "cpe:2.3:o:nvidia:quadro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "021A11A4-23AE-4C5F-A3F0-357481BC1C91", "versionEndExcluding": "426.78", "versionStartIncluding": "418"}, {"criteria": "cpe:2.3:o:nvidia:quadro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9195AEC-3EB3-4991-947B-E68817B8902A", "versionEndExcluding": "443.18", "versionStartIncluding": "440"}, {"criteria": "cpe:2.3:o:nvidia:quadro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCA19971-9415-4D00-9090-21788E753CEE", "versionEndExcluding": "451.48", "versionStartIncluding": "450"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:quadro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B56258A7-E289-426E-B8D1-309CCB54E893"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8472A4C6-922C-44F5-AF22-1BD3F45E70CA", "versionEndExcluding": "451.48", "versionStartIncluding": "450"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:tesla_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11F4D2B-A251-4D15-9902-9E2AB23C58D5", "versionEndExcluding": "426.78", "versionStartIncluding": "418"}, {"criteria": "cpe:2.3:o:nvidia:tesla_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA8EEDE5-CF37-4CC3-B556-EA329027CC4C", "versionEndExcluding": "443.18", "versionStartIncluding": "440"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:nvs_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E71ACEF-7A5B-4C77-81A5-539BB4D86E47", "versionEndExcluding": "392.61", "versionStartIncluding": "390"}, {"criteria": "cpe:2.3:o:nvidia:nvs_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A611598-0D67-49A8-B6A5-87EE823E2619", "versionEndExcluding": "426.78", "versionStartIncluding": "418"}, {"criteria": "cpe:2.3:o:nvidia:nvs_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01F0E734-BA49-4119-998C-142860430AB4", "versionEndExcluding": "443.18", "versionStartIncluding": "440"}, {"criteria": "cpe:2.3:o:nvidia:nvs_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40537521-3B8D-4B2D-94D5-B79C219D7BF6", "versionEndExcluding": "451.48", "versionStartIncluding": "450"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:nvs:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C60D8825-B4F5-47DC-ACC3-137D6FC5F12F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@nvidia.com"}