What is CVE-2019-5676?

CVE-2019-5676 is a vulnerability in the NVIDIA Windows GPU Display driver software for Windows, which allows for DLL preloading attacks and escalation of privileges.

What is the severity of CVE-2019-5676?

The severity of CVE-2019-5676 is high with a CVSS score of 6.7.

Which software is affected by CVE-2019-5676?

The NVIDIA Windows GPU Display driver software for Windows versions between 410 and 412.36, between 418 and 425.51, and between 430 and 430.64, as well as NVIDIA GeForce Experience up to version 3.19, are affected by CVE-2019-5676.

How can CVE-2019-5676 be fixed?

To fix CVE-2019-5676, users should update their NVIDIA Windows GPU Display driver software and NVIDIA GeForce Experience to the latest versions available.

Vulnerability/
CVE-2019-5676

high

7.2

CWE

427

10/5/2019

4/8/2024

CVE-2019-5676

Q: How does CVE-2019-5676 work?

CVE-2019-5676 works by incorrectly loading Windows system DLLs without validating the path or signature, allowing for DLL preloading attacks.

First published: Fri May 10 2019(Updated: )

NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution.

Credit: psirt@nvidia.com

Affected Software	Affected Version	How to fix
Nvidia Gpu Display Driver	>=410<412.36
Nvidia Gpu Display Driver	>=418<425.51
Nvidia Gpu Display Driver	>=430<430.64
NVIDIA GeForce Experience	<3.19
Microsoft Windows

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-5676?
CVE-2019-5676 is a vulnerability in the NVIDIA Windows GPU Display driver software for Windows, which allows for DLL preloading attacks and escalation of privileges.
What is the severity of CVE-2019-5676?
The severity of CVE-2019-5676 is high with a CVSS score of 6.7.
Which software is affected by CVE-2019-5676?
The NVIDIA Windows GPU Display driver software for Windows versions between 410 and 412.36, between 418 and 425.51, and between 430 and 430.64, as well as NVIDIA GeForce Experience up to version 3.19, are affected by CVE-2019-5676.
How does CVE-2019-5676 work?
CVE-2019-5676 works by incorrectly loading Windows system DLLs without validating the path or signature, allowing for DLL preloading attacks.
How can CVE-2019-5676 be fixed?
To fix CVE-2019-5676, users should update their NVIDIA Windows GPU Display driver software and NVIDIA GeForce Experience to the latest versions available.

collector/nvd-index
agent/references
agent/severity
agent/author
agent/weakness
agent/type
agent/event
agent/description
agent/tags
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/nvidia
canonical/nvidia gpu display driver
version/nvidia gpu display driver/410
version/nvidia gpu display driver/418
version/nvidia gpu display driver/430
canonical/nvidia geforce experience
vendor/microsoft
canonical/microsoft windows

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.