CVE-2021-1092

NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss.

Published: Jul 22, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-1092
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P

CWEs:

CWE-59

Affected Software
References

Software	From	Fixed in
nvidia / gpu_display_driver	427.33	427.48
nvidia / gpu_display_driver	452.96	453.10
nvidia / gpu_display_driver	462.31	462.96

https://nvidia.custhelp.com/app/answers/detail/a_id/5211

Vulnerability Database

290,020

CVE-2021-1092