Vulnerability Details CVE-2019-5701
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.2
References
Products affected by CVE-2019-5701
-
cpe:2.3:a:nvidia:geforce_experience:-
-
cpe:2.3:a:nvidia:geforce_experience:3.0
-
cpe:2.3:a:nvidia:geforce_experience:3.0.6
-
cpe:2.3:a:nvidia:geforce_experience:3.0.7
-
cpe:2.3:a:nvidia:geforce_experience:3.1.0
-
cpe:2.3:a:nvidia:geforce_experience:3.1.0.52
-
cpe:2.3:a:nvidia:geforce_experience:3.1.2
-
cpe:2.3:a:nvidia:geforce_experience:3.10.0
-
cpe:2.3:a:nvidia:geforce_experience:3.10.0.55
-
cpe:2.3:a:nvidia:geforce_experience:3.11.0
-
cpe:2.3:a:nvidia:geforce_experience:3.12.0
-
cpe:2.3:a:nvidia:geforce_experience:3.13.0
-
cpe:2.3:a:nvidia:geforce_experience:3.13.1
-
cpe:2.3:a:nvidia:geforce_experience:3.14
-
cpe:2.3:a:nvidia:geforce_experience:3.14.1
-
cpe:2.3:a:nvidia:geforce_experience:3.15
-
cpe:2.3:a:nvidia:geforce_experience:3.16
-
cpe:2.3:a:nvidia:geforce_experience:3.17
-
cpe:2.3:a:nvidia:geforce_experience:3.18
-
cpe:2.3:a:nvidia:geforce_experience:3.19
-
cpe:2.3:a:nvidia:geforce_experience:3.2.0
-
cpe:2.3:a:nvidia:geforce_experience:3.2.2
-
cpe:2.3:a:nvidia:geforce_experience:3.20
-
cpe:2.3:a:nvidia:geforce_experience:3.3.0
-
cpe:2.3:a:nvidia:geforce_experience:3.4.0
-
cpe:2.3:a:nvidia:geforce_experience:3.5.0
-
cpe:2.3:a:nvidia:geforce_experience:3.6.0
-
cpe:2.3:a:nvidia:geforce_experience:3.6.0.74
-
cpe:2.3:a:nvidia:geforce_experience:3.7.0
-
cpe:2.3:a:nvidia:geforce_experience:3.8.0
-
cpe:2.3:a:nvidia:geforce_experience:3.9.0