loader gif

NVIDIA patches critical vulnerability that could allow attackers to perform DoS attacks

NVIDIA patches critical vulnerability that could allow attackers to perform DoS attacks
  • NVIDIA Geforce Experience software contains a vulnerability that could allow attackers to escalate privileges, conduct code execution, and perform Denial-of-Service (DoS) attacks.
  • NVIDIA has released a security update to fix this vulnerability in the 3.18 version.

What is the issue - NVIDIA Geforce Experience software contains a vulnerability when ShadowPlay, NvContainer, or GameStream is enabled.

Why it matters - This vulnerability could allow attackers to escalate privileges, conduct code execution, and perform Denial-of-Service (DoS) attacks.

Worth noting

  • This vulnerability tracked CVE‑2019‑5674 was reported by David Yesland, a security researcher from Rhino Security Labs.
  • This vulnerability impacts all NVIDIA Geforce Experience versions prior to 3.18.
  • This vulnerability has a high severity rating and an 8.8 base score from NVIDIA.

“The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration,” NVIDIA stated.

Patch available

When opening a file, the NVIDIA Geforce Experience software does not check for hard links thereby allowing attackers to escalate privileges, perform code execution and DoS attacks.

NVIDIA has released a security update to fix this vulnerability in the 3.18 version. NVIDIA users are requested to update to the latest patched version 3.18 in order to stay protected from DoS attacks.

loader gif