Vulnerability Description
NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information disclosure.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Geforce Experience | < 3.19 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/4806PatchVendor Advisory
- https://support.lenovo.com/us/en/product_security/LEN-27815
- https://nvidia.custhelp.com/app/answers/detail/a_id/4806PatchVendor Advisory
- https://support.lenovo.com/us/en/product_security/LEN-27815
FAQ
What is CVE-2019-5678?
CVE-2019-5678 is a vulnerability with a CVSS score of 7.8 (HIGH). NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated....
How severe is CVE-2019-5678?
CVE-2019-5678 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-5678?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Geforce Experience, Microsoft Windows.