Sensitive Information Disclosure in NVIDIA GeForce NOW Application
CVE-2020-5976

7.5HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Geforce Now Application
Vendor: CVE Published:; 18 September 2020

Summary

NVIDIA GeForce NOW, in its earlier versions, contains a flaw within its application software where the network test component is responsible for transmitting sensitive information without adequate security measures. This oversight can potentially expose private data to unauthorized users, leading to a risk of information disclosure. Users utilizing versions prior to 2.0.23 on Windows and macOS or versions prior to 5.31 on Android and Shield TV should be aware of this vulnerability and consider updating to the latest versions to mitigate the risks.

Affected Version(s)

NVIDIA GeForce NOW Application All versions prior to 2.0.23 (Windows, macOS), versions prior to 5.31 (Android, SHIELD TV).

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5052

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2020
Vulnerability Reserved
Jan 7, 2020