Data Tampering Vulnerability in NVIDIA GeForce Experience Installer

Data Tampering Vulnerability in NVIDIA GeForce Experience Installer

CVE-2022-42291 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. An attacker does not have explicit control over the exploitation of this vulnerability, which requires the user to explicitly launch the installer from the compromised directory.

Learn more about our User Device Pen Test.