Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvidiaNvidiaNVIDIA:5476
HistoryAug 28, 2023 - 12:00 a.m.

Security Bulletin: NVIDIA GeForce NOW for Android - August 2023

2023-08-2800:00:00
nvidia.custhelp.com
16
nvidia
geforce now
android
firmware
security update
vulnerabilities
code execution
denial of service
information disclosure

CVSS3

4.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

EPSS

0

Percentile

5.1%

JSON

NVIDIA has released a firmware security update for the NVIDIA GeForce NOW Android mobile and TV app. This update addresses issues that may lead to code execution, denial of service, and information disclosure. To protect customer systems, the NVIDIA GeForce NOW for Android app will prompt customers to download and install the latest version upon opening the application.

Go to NVIDIA Product Security.

Details

This section provides a summary of potential vulnerabilities that this security update addresses and their impact. Descriptions use CWE™, and base scores and vectors use CVSS v3.1 standards.

CVE ID Description Base Score Vector and CWE
CVE‑2023‑31014 NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution. 4.2 AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
CWE-927

The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk to your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.

Security Updates

The following tables list the NVIDIA systems affected, firmware versions affected, and the updated version that includes this security update.

To protect your system, download and install this firmware update through the NVIDIA Enterprise Support Portal.

CVE IDs Addressed Affected Product Operating System Affected Versions Updated Version

CVE‑2023‑31014

| GeForce NOW for Android mobile and TV app | Android OS | 6.00.32705137 to 6.04.33108832 | 6.05.33200069

Acknowledgements

NVIDIA thanks Oversecured for reporting issue CVE-2023-31014.

Related

prion 1
nvd 1
cve 1
vulnrichment 1
cvelist 1
prion
prion
Design/Logic Flaw
2023-09-20 02:15:00
nvd
nvd
CVE-2023-31014
2023-09-20 02:15:20
cve
cve
CVE-2023-31014
2023-09-20 02:15:20
vulnrichment
vulnrichment
CVE-2023-31014
2023-09-20 01:13:46
cvelist
cvelist
CVE-2023-31014
2023-09-20 01:13:46

CVSS3

4.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

EPSS

0

Percentile

5.1%

JSON
Related for NVIDIA:5476
prion1nvd1cve1vulnrichment1cvelist1