Vulnerabilities > CVE-2021-1073 - Unspecified vulnerability in Nvidia Geforce Experience

047910
CVSS 8.3 - HIGH
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
high complexity
nvidia

Summary

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of the user login session, leading to the possibility that the user’s account is compromised. This may lead to the targeted user’s data being accessed, altered, or lost.