File Permissions Vulnerability in NVIDIA GeForce Experience Software
CVE-2018-6261

7HIGH

Key Information:

Vendor: Nvidia
Status: Geforce Experience
Vendor: CVE Published:; 27 September 2018

Summary

The NVIDIA GeForce Experience software, when GameStream is enabled, possesses a flaw that results in improper file permission settings. This vulnerability can potentially lead to unauthorized code execution, denial of service, or privilege escalation by individuals who already have access to the system.

Affected Version(s)

GeForce Experience 3.15

References

https://nvidia.custhelp.com/app/answers/detail/a_id/4725

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 27, 2018
Vulnerability Reserved
Jan 25, 2018