1. Home
  2. CVE Database
  3. CVE-2021-1074
HIGH · 7.3

CVE-2021-1074

NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. Th...

Vulnerability Description

NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires the attacker to replace the files in a very short time window between file integrity validation and execution. Such an attack may lead to code execution, escalation of privileges, denial of service, and information disclosure.

CVSS Score

7.3

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
NvidiaGpu Display Driver>= 390, < 392.65

References

FAQ

What is CVE-2021-1074?

CVE-2021-1074 is a vulnerability with a CVSS score of 7.3 (HIGH). NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. Th...

How severe is CVE-2021-1074?

CVE-2021-1074 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-1074?

Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Gpu Display Driver.