Lucene search

NvidiaCVELIST:CVE-2023-31014

HistorySep 20, 2023 - 1:13 a.m.

CVE-2023-31014

2023-09-2001:13:46

CWE-927

nvidia

www.cve.org

nvidia

geforce now

android

vulnerability

game launcher

component

malicious application

implicit intent

streamer

information disclosure

denial of service

code execution

4.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "GeForce NOW for Android mobile and TV app",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "6.00.32705137 to 6.04.33108832"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5476