GeForce Experience Security Vulnerabilities Confirmed by NVIDIA

👤by Tim Harmer Comments 📅25.10.2020 21:51:55



NVIDIA have issued a Security Bulletin to users of their GeForce Experience desktop app identifying three vulnerabilities which could allow agents to execute code, escalate user privileges and otherwise compromise a system. The worst, CVE-2020-5977 according to CVE naming conventions, is classed as 'High' under the CVSS v3.1 scoring system.

All versions of GeForce Experience prior to 3.20.5.70 are affected by these issues.



In conjunction with the update Bulletin an Update has been pushed to GeForce Experience which closes the vulnerabilities. This update - v3.20.5.70 - can be downloaded via the main GeForce Experience page or by opening the desktop app, triggering an automatic update process.

The Bulletin also acknowledges the following individuals for reporting the issues:

CVE-2020-5977: Xavier DANEST - Decathlon
CVE-2020-5978: Hashim Jawad of ACTIVELabs
CVE-2020-5990: Hashim Jawad of ACTIVELabs


SOURCE: NVIDIA Security Bulletin 5076


      Please share your thoughts by commenting below!

Comments

Related Stories

Recent Stories

« PNY XLR8 CS3040 NVMe PCIe Gen4 SSD Launched · GeForce Experience Security Vulnerabilities Confirmed by NVIDIA · Leaked Intel Xeon Roadmap Spells Out Ice Lake-X Plans For 2021 »