Updated 08/30/2018 11:55 AM
NVIDIA GeForce Experience contains vulnerabilities when GameStream is enabled which may lead to escalation of privileges, denial of service, or information disclosure.
Vulnerability Details
The following sections summarize the potential vulnerabilities. Descriptions use
CWETM and risk assessments follow the
CVSS V3 standard.
CVE-2018-6257
NVIDIA GeForce Experience contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both.
CVSS V3 Base Score: 8.8
CVSS V3 Vector:
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2018-6258
NVIDIA GeForce Experience contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information.
CVSS V3 Base Score: 7.7
CVSS V3 Vector:
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:H
CVE-2018-6259
NVIDIA GeForce Experience contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.