PT-2023-1475 · Nvidia · Nvidia Geforce Experience

Minse Kim

Publicado

2023-01-30

Atualizado

2023-02-14

CVE-2022-31611

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NVIDIA GeForce Experience (affected versions not specified)

Description The issue is related to an uncontrolled search path vulnerability in the client installers of NVIDIA GeForce Experience. This vulnerability can be exploited by an attacker with user-level privileges to load an arbitrary DLL when the installer is launched, potentially leading to escalation of privileges and code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427

Identificadores relacionados

BDU:2023-00884

CVE-2022-31611

Produtos afetados

Nvidia Geforce Experience

PT-2023-1475 · Nvidia · Nvidia Geforce Experience

CVE-2022-31611

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5