CVE-2019-5689

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Geforce Experience
Vendor: CVE Published:; 9 November 2019

Summary

NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure.

Affected Version(s)

NVIDIA GeForce Experience All versions prior to 3.20.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/4860

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 9, 2019
Vulnerability Reserved
Jan 7, 2019