CVE-2019-5676

Name of the Vulnerable Software and Affected Versions NVIDIA Windows GPU Display driver software for Windows (all versions)

Description The issue is related to the incorrect loading of Windows system DLLs without validating the path or signature, which can lead to escalation of privileges through code execution. This is also known as a binary planting or DLL preloading attack. The vulnerability is associated with errors in checking the path of loaded dynamic libraries.

Recommendations For all versions, consider disabling the loading of external DLLs or restricting the paths from which DLLs can be loaded until a patch is available. Restrict access to sensitive system areas to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.