1. Home
  2. CVE Database
  3. CVE-2016-4960
HIGH · 7.3

CVE-2016-4960

For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privileg...

Vulnerability Description

For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.

CVSS Score

7.3

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
NvidiaGeforce Experience-
NvidiaGeforce 910M-
NvidiaGeforce 920M-
NvidiaGeforce 920Mx-
NvidiaGeforce 930M-
NvidiaGeforce 930Mx-
NvidiaGeforce 940M-
NvidiaGeforce 940Mx-
NvidiaGeforce 945M-
NvidiaGeforce Gt 710-
NvidiaGeforce Gt 730-
NvidiaGeforce Gtx 1050-
NvidiaGeforce Gtx 1060-
NvidiaGeforce Gtx 1070-
NvidiaGeforce Gtx 1080-
NvidiaGeforce Gtx 950M-
NvidiaGeforce Gtx 960M-
NvidiaGeforce Gtx 965M-
NvidiaNvs 310-
NvidiaNvs 315-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2016-4960?

CVE-2016-4960 is a vulnerability with a CVSS score of 7.3 (HIGH). For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privileg...

How severe is CVE-2016-4960?

CVE-2016-4960 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-4960?

Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Geforce Experience, Nvidia Geforce 910M, Nvidia Geforce 920M, Nvidia Geforce 920Mx, Nvidia Geforce 930M.