NVIDIA released a security update for the NVIDIA GeForce Experience software for Windows to patch a vulnerability that could allow potential local attackers with basic user privileges to elevate privileges, trigger code execution, and perform denial-of-service (DoS) attacks.
While this vulnerability requires local user access and cannot be exploited remotely, would-be attackers could take advantage of them by planting malicious tools remotely using various means on a system running a vulnerable version of the NVIDIA GeForce Experience.
Security issue rated as high severity by NVIDIA
Taking advantage of this vulnerability, bad actors can escalate their privileges thus making it possible to gain permissions beyond the ones initially granted by the system.
This would allow them to execute malicious code on the compromised systems and also to render vulnerable machines unusable by triggering a denial of service state.
The software flaw fixed by NVIDIA in detailed below, together with a full description and the assigned CVSS V3 Base Score.
... ... ...