Main Vulnerability Database Vulnerabilities #VU59082

#VU59082 Improper access control in NVIDIA App (formerly GeForce Experience) - CVE-2021-23175

Published: December 22, 2021

Vulnerability identifier: #VU59082

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-23175

CWE-ID: CWE-284

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
NVIDIA App (formerly GeForce Experience)

Software vendor:
nVidia

Description

The vulnerability allows a local user to escalate privilege son the system.

The vulnerability exists due to improper access restrictions where GameStream does not correctly apply individual user access controls for users on the same device. A local user can run a specially crafted program to escalate privileges on the system.

Remediation

Install updates from vendor's website.

External links

https://nvidia.custhelp.com/app/answers/detail/a_id/5295

#VU59082 Improper access control in NVIDIA App (formerly GeForce Experience) - CVE-2021-23175

Description

Remediation

External links

Please verify you're human