← Zuruck zu CVEs

CVE-2019-5694

MEDIUM

6.5

Beschreibung

NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access.

CVE Details

CVSS v3.1 Bewertung6.5

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

AngriffsvektorLOCAL

KomplexitatLOW

Erforderliche PrivilegienHIGH

BenutzerinteraktionREQUIRED

Veroffentlicht11/9/2019

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

microsoft:windowsnvidia:gpu_driver

Schwachen (CWE)

CWE-427

Referenzen

https://nvidia.custhelp.com/app/answers/detail/a_id/4907(psirt@nvidia.com)

https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695(psirt@nvidia.com)

https://nvidia.custhelp.com/app/answers/detail/a_id/4907(af854a3a-2127-422b-91ae-364da2661108)

https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.