NVIDIA GeForce Experience GameStream DLL Preloading Vulnerability

NVIDIA GeForce Experience GameStream DLL Preloading Vulnerability

CVE-2019-5701 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution.

Learn more about our Web Application Penetration Testing UK.