NVIDIA released security updates that fix vulnerabilities with NVIDIA GeForce Experience. Attackers can exploit this vulnerability to escalate privileges, cause the denial of service attacks and code execution.
This vulnerability can be tracked as CVE‑2019‑5674 and it receives the base score of 8.8 and it affects all the version prior to 3.18.
Attackers exploit the vulnerability when ShadowPlay, NvContainer, or GameStream is enabled with NVIDIA GeForce Experience.
“The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting security or IT professional to evaluate the risk to your specific configuration,” reads the security advisory.
|CVE||Software Product||Operating System||Affected Versions||Fixed Version|
|CVE‑2019‑5674||GeForce Experience||Windows||All versions prior to 3.18||3.18|
The GeForce Experience is the companion application to your GeForce GTX graphics card. It keeps your drivers up to date, automatically optimizes your game settings, and gives you the easiest way to share your greatest gaming moments with friends.
Users are recommended to download and install the updated version of NVIDIA GeForce Experience from the Downloads page.