CVE-2022-31611 — MEDIUM (6.8)

Q: How severe is CVE-2022-31611?

CVE-2022-31611 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-31611?

Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Geforce Experience, Microsoft Windows.

Vulnerability Description

NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to escalation of privileges and code execution.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Nvidia	Geforce Experience	< 3.27.0.112
Microsoft	Windows	-

Related Weaknesses (CWE)

CWE-427

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5384Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5384Vendor Advisory

FAQ

What is CVE-2022-31611?

CVE-2022-31611 is a vulnerability with a CVSS score of 6.8 (MEDIUM). NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DL...

How severe is CVE-2022-31611?

CVE-2022-31611 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-31611?

Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Geforce Experience, Microsoft Windows.