NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to escalation of privileges and code execution.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5384 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 03:47
Type | Values Removed | Values Added |
---|---|---|
Summary | NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to escalation of privileges and code execution. |
14 Feb 2023, 23:47
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
CPE | cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
First Time |
Microsoft windows
Microsoft Nvidia geforce Experience Nvidia |
|
CWE | CWE-427 | |
References | (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5384 - Vendor Advisory |
07 Feb 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-07 03:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-31611
Mitre link : CVE-2022-31611
CVE.ORG link : CVE-2022-31611
JSON object : View
Products Affected
microsoft
- windows
nvidia
- geforce_experience
CWE
CWE-427
Uncontrolled Search Path Element