NVIDIA have recently fixed a serious vulnerability in GeForce Experience (GFE). Exploiting the flaw could have allowed an attacker to target Windows systems for local access.
Reportedly, NVIDIA has disclosed a serious vulnerability affecting its Windows NVIDIA GeForce Experience (GFE) app. Exploiting the vulnerability could have allowed an attacker to trigger a denial of service on the target device. Orgain elevated privileges on the machine.
To trigger the flaw, an attacker was required to have local user access to the device. The bug won’t work in case of remote access unless the attacker dropped malicious payloads on vulnerable devices.
Elaborating on the details in an advisory, NVIDIA revealed that the vulnerability CVE‑2019‑5702 achieved a CVSS base score of 8.4. Describing the vulnerability, the stated,
The flaw caught the attention of the service after the researcher with alias RyotaK observed the matter.
After detecting the vulnerability, NVIDIA worked on a fix to address the bug which affected all versions prior to 3.20.2. NVIDIA also explained,