CVE-2022-42292
First published: Tue Feb 07 2023(Updated: )
NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA GeForce Experience | <3.27.0.112 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this NVIDIA GeForce Experience vulnerability?
The vulnerability ID for this NVIDIA GeForce Experience vulnerability is CVE-2022-42292.
What is the title of this NVIDIA GeForce Experience vulnerability?
The title of this NVIDIA GeForce Experience vulnerability is 'NVIDIA GeForce Experience contains a vulnerability in the NVContainer component.'
What is the severity of CVE-2022-42292?
The severity of CVE-2022-42292 is high with a CVSS score of 7.8.
What is the affected software for CVE-2022-42292?
The affected software for CVE-2022-42292 is NVIDIA GeForce Experience up to version 3.27.0.112.
How can this vulnerability be exploited?
This vulnerability can be exploited by a user without administrator privileges creating a symbolic link to a file that requires elevated privileges to write to or modify.
- collector/nvd-index
- agent/weakness
- agent/tags
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia geforce experience
- vendor/microsoft
- canonical/microsoft windows