CVE-2021-23175

NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream.

Published: Dec 23, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-23175
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.2
AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
nvidia / geforce_experience	-	3.24.0.126

https://nvidia.custhelp.com/app/answers/detail/a_id/5295

Vulnerability Database

289,697

CVE-2021-23175