Home / Early Warning / Vulnerabilidades / CVE-2020-5977

CVE-2020-5977

Type: 
Uncontrolled Search Path Element
Severity: 
Medium
Publication date: 
10/23/2020
Last modified: 
10/27/2020
Description
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.
Impact
Access Vector: Local
Access Complexity: Media
Authentication: Not required to exploit
Impact Type: Partially affects on system integrity + Partially affects on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields