Vulnerability CVE-2018-6261

Vulnerability CVE-2018-6261

Published: 2018-10-02

Description:

NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access.

Type:

CWE-276

(Incorrect Default Permissions)

CVSS2 => (AV:L/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.4/10	6.4/10	3.4/10

Exploit range	Attack complexity	Authentication
Local	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Nvidia -> Geforce experience

References:

https://nvidia.custhelp.com/app/answers/detail/a_id/4725

Copyright 2024, cxsecurity.com