CVE-2021-1073
First published: Fri Jun 25 2021(Updated: )
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of the user login session, leading to the possibility that the user’s account is compromised. This may lead to the targeted user’s data being accessed, altered, or lost.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA GeForce Experience | <3.23 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of NVIDIA GeForce Experience?
The vulnerability ID of NVIDIA GeForce Experience is CVE-2021-1073.
What is the severity rating of CVE-2021-1073?
The severity rating of CVE-2021-1073 is high.
What is affected by the CVE-2021-1073 vulnerability?
NVIDIA GeForce Experience versions prior to 3.23 are affected by the CVE-2021-1073 vulnerability.
How can I fix the CVE-2021-1073 vulnerability?
Update NVIDIA GeForce Experience to version 3.23 or higher to fix the CVE-2021-1073 vulnerability.
Where can I find more information about CVE-2021-1073?
You can find more information about CVE-2021-1073 at the following link: [https://nvidia.custhelp.com/app/answers/detail/a_id/5199](https://nvidia.custhelp.com/app/answers/detail/a_id/5199)
- collector/nvd-index
- agent/references
- agent/author
- agent/severity
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia geforce experience
- vendor/microsoft
- canonical/microsoft windows