In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges.
[
{
"product": "GeForce Experience",
"vendor": "Nvidia Corporation",
"versions": [
{
"status": "affected",
"version": "3.x"
}
]
}
]