CVE-2020-5978

Type:

Unavailable / Other

Severity:

Medium

Publication date:

10/23/2020

Last modified:

10/27/2020

Description

NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.

Impact

Access Vector: Local

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Partially affects on system integrity + Partially affects on system confidentiality + Partially affects on system availability

Vulnerable software and versions

cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*

To consult the complete list of products and versions see this page

References to Advisories, Solutions, and Tools

https://nvidia.custhelp.com/app/answers/detail/a_id/5076 (Source: CONFIRM)

Explanation of fields

Corporate access

CVE-2020-5978