CVE-2016-5852 — Nvidia Geforce Experience vulnerability

3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 85.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Geforce Experience

Timeline

PublishedNov 8

Latest updateMay 17

Description

For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDnvidia/geforce_experience-

Patches

Patch: nvidia.custhelp.com ↗Patch: nvidia.custhelp.com ↗

🔴Vulnerability Details

GHSA

GHSA-2gff-x2x6-mqv3: For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted↗2022-05-17

▶

CVEList

CVE-2016-5852: For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted↗2016-11-08

▶