CVE-2018-6259 — Sensitive Information Exposure in Nvidia Geforce Experience

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

2.5LOWNVD

EPSS

0.1%

top 69.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Geforce Experience Nvidia Corporation Nvidia Geforce Experience

Timeline

PublishedAug 31

Latest updateMay 14

Description

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.0 | Impact: 1.4

Affected Packages2 packages

▶NVDnvidia/geforce_experience3.0.0 — 3.14.1

▶CVEListV5nvidia_corporation/nvidia_geforce_experienceAll versions prior to 3.14.1

Patches

Patch: nvidia.custhelp.com ↗Patch: nvidia.custhelp.com ↗

🔴Vulnerability Details

GHSA

GHSA-cj6x-rq4w-9p2m: NVIDIA GeForce Experience all versions prior to 3↗2022-05-14

▶

CVEList

CVE-2018-6259: NVIDIA GeForce Experience all versions prior to 3↗2018-08-31

▶