Main Vulnerability Database Vulnerabilities #VU69816

#VU69816 Improper Privilege Management in NVIDIA Windows GPU Display Driver - CVE-2022-42266

Published: December 1, 2022

Vulnerability identifier: #VU69816

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-42266

CWE-ID: CWE-269

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
NVIDIA Windows GPU Display Driver

Software vendor:
nVidia

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper privilege management in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape within the NVIDIA GPU Display Driver for Windows. A local user can gain access to sensitive information.

Remediation

Install updates from vendor's website.

External links

https://nvidia.custhelp.com/app/answers/detail/a_id/5415

#VU69816 Improper Privilege Management in NVIDIA Windows GPU Display Driver - CVE-2022-42266

Description

Remediation

External links

Please verify you're human