CVE-2019-5695
N/A
N/A
Summary
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NVIDIA | NVIDIA GeForce Experience | prior to 3.20.1 | affected |
| NVIDIA | NVIDIA Windows GPU Display Driver | all versions | affected |
Weaknesses
- denial of service or information disclosure through code execution
ADP Enrichment
CVE Program Container
Additional References
- https://nvidia.custhelp.com/app/answers/detail/a_id/4907
- https://nvidia.custhelp.com/app/answers/detail/a_id/4860
- https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/4907
- https://nvidia.custhelp.com/app/answers/detail/a_id/4860
- https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.