DLL Preloading Vulnerability in NVIDIA GeForce Experience and Windows GPU Display Driver

DLL Preloading Vulnerability in NVIDIA GeForce Experience and Windows GPU Display Driver

CVE-2019-5695 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.

Learn more about our Web Application Penetration Testing UK.