NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires the attacker to replace the files in a very short time window between file integrity validation and execution. Such an attack may lead to code execution, escalation of privileges, denial of service, and information disclosure.
Published 2021-04-21 23:15:08
Updated 2022-07-21 12:39:54
View at NVD,   CVE.org
Vulnerability category: Denial of serviceInformation leak

Products affected by CVE-2021-1074

Exploit prediction scoring system (EPSS) score for CVE-2021-1074

0.04%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-1074

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
6.9
MEDIUM AV:L/AC:M/Au:N/C:C/I:C/A:C
3.4
10.0
NIST
7.3
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1.3
5.9
NIST
7.3
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1.3
5.9
NVIDIA Corporation

References for CVE-2021-1074

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!