NVIDIA fixes privilege escalation vulerability on GeForce Experience

NVIDIA released a new version of the graphics card driver yesterday, which is really surprising because this version has actually been released before but NVIDIA has re-released. However, the actual situation is that this version fixes a critical vulnerability so NVIDIA did not disclose it, the attacker could exploit this vulnerability to escalate privilege and trigger code execution.

CVE-2019-5674

This vulnerability is a high-risk vulnerability and gives an evaluation of 8.8 points, so it seems that the impact of this vulnerability is relatively large. This vulnerability primarily affects users who have installed the NVIDIA graphics driver and have enabled ShadowPlay or NVContainer or GameStream. According to Nvidia, NVIDIA GeForce Experience v3.18 and previous versions are affected, so users should be updated in a timely manner.

According to NVIDIA, the “risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.”