Description

NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss.

Related CPE's

a

nvidia

gpu_display_driver

3

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5211

PatchVendor Advisory

Weaknesses

[email protected]

Primary
CWE-59

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

7.1 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-07-22T05:15:07.857

3 years ago

Last modified

2022-06-28T14:11:45.273

3 years ago