CVE-2022-31611
CVSS V2 None
CVSS V3 None
Description
NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to escalation of privileges and code execution.
Overview
- CVE ID
- CVE-2022-31611
- Assigner
- psirt@nvidia.com
- Vulnerability Status
- Analyzed
- Published Version
- 2023-02-07T03:15:08
- Last Modified Date
- 2023-02-14T23:47:29
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| AND | ||||
| cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:* | 1 | OR | 3.27.0.112 | |
| cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* | 0 | OR |
References
| Reference URL | Reference Tags |
|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5384 | Vendor Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-31611 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31611 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 07:19:25 | Added to TrackCVE | |||
| 2023-04-17 07:19:28 | Weakness Enumeration | new |