CVE-2013-0111 : daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVID

daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program.

Published 2013-04-08 16:55:02

Updated 2025-04-11 00:51:22

Source CERT/CC

View at NVD, CVE.org

Products affected by CVE-2013-0111

Nvidia » Driver » For Windows
Versions up to, including, (<=) 307.00
cpe:2.3:a:nvidia:driver:*:-:*:*:*:windows:*:*
Matching versions
Nvidia » Driver » Version: 310.00 For Windows
cpe:2.3:a:nvidia:driver:310.00:-:*:*:*:windows:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2013-0111

EPSS FAQ

0.14%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 30 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2013-0111

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.8	MEDIUM	AV:L/AC:L/Au:S/C:C/I:C/A:C	3.1	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2013-0111

http://www.kb.cert.org/vuls/id/957036

VU#957036 - NVIDIA Windows video card drivers contain multiple vulnerabilities
US Government Resource

CVEs referencing this url
http://www.nvidia.com/object/product-security.html

Product Security
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2013-0111

Products affected by CVE-2013-0111

Exploit prediction scoring system (EPSS) score for CVE-2013-0111

CVSS scores for CVE-2013-0111

References for CVE-2013-0111