Lucene search

K
cvelistNvidiaCVELIST:CVE-2023-31014
HistorySep 20, 2023 - 1:13 a.m.

CVE-2023-31014

2023-09-2001:13:46
CWE-927
nvidia
www.cve.org
4
nvidia
geforce now
android
vulnerability
game launcher
component
malicious application
implicit intent
streamer
information disclosure
denial of service
code execution

CVSS3

4.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

AI Score

5.5

Confidence

High

EPSS

0

Percentile

5.1%

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "GeForce NOW for Android mobile and TV app",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "6.00.32705137 to 6.04.33108832"
      }
    ]
  }
]

CVSS3

4.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

AI Score

5.5

Confidence

High

EPSS

0

Percentile

5.1%

Related for CVELIST:CVE-2023-31014