NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe
where a local web API endpoint, /VisualOPS/v.1.0./
, lacks proper access control and parameter validation, allowing for information disclosure through a directory traversal attack.
CVSS Base Score: 7.4
CVSS Temporal Score: 6.6
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:F/RL:O/RC:R
NVIDIAβs risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a local security or IT professional to evaluate the risk of your specific configuration. NVIDIA doesnβt know of any exploits to these issues at this time.
CPE | Name | Operator | Version |
---|---|---|---|
geforce experience | le | 3.1.0.52 |