Description
NVIDIA Control Panel for Windows contains a vulnerability where an unauthorized user or an unprivileged regular user can compromise the security of the software by gaining privileges, reading sensitive information, or executing commands.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- NVIDIA / vGPU software (guest driver) - Windows, NVIDIA Cloud Gaming (guest driver)All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release – All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release