392.61

CVSS 6.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

nvidia

NVD

Published: 2021-04-21

Updated: 2022-07-21

Summary

NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires the attacker to replace the files in a very short time window between file integrity validation and execution. Such an attack may lead to code execution, escalation of privileges, denial of service, and information disclosure.

Vulnerable Configurations

Part	Description	Count
Application	Nvidia Nvidia GPU Display Driver 390 Nvidia GPU Display Driver 392.61	2

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5172