CVE-2019-5701

EPSS 0.5%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

09 Nov 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution.

Affected products

NVIDIA · NVIDIA GeForce Experience

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-011.md https://nvidia.custhelp.com/app/answers/detail/a_id/4860