Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-31611

NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to escalation of privileges and code execution.

Published

2023-02-07T03:15:08.490

Last Modified

2024-11-21T07:04:50.810

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-427
Type: Primary
CWE-427

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	nvidia	geforce_experience	< 3.27.0.112	Yes
Operating System	microsoft	windows	-	No

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5384 Vendor Advisory ([email protected])
https://nvidia.custhelp.com/app/answers/detail/a_id/5384 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)