CVE-2019-5689
First published: Sat Nov 09 2019(Updated: )
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA GeForce Experience | <3.20.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this NVIDIA GeForce Experience vulnerability?
The vulnerability ID for this NVIDIA GeForce Experience vulnerability is CVE-2019-5689.
What is the severity level of CVE-2019-5689?
The severity level of CVE-2019-5689 is high.
How does the vulnerability in NVIDIA GeForce Experience allow malicious files to be downloaded and saved?
The vulnerability in NVIDIA GeForce Experience allows a user with local system access to craft input that may allow malicious files to be downloaded and saved.
What are the possible consequences of this vulnerability?
The possible consequences of this vulnerability include code execution, denial of service, or information disclosure.
How can I fix the NVIDIA GeForce Experience vulnerability?
To fix the NVIDIA GeForce Experience vulnerability, update to version 3.20.1 or later.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/remedy
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia geforce experience