CVE-2022-42292 MEDIUM

CVE-2022-42292

Vendor Nvidia
Product GeForce Experience
Weakness CWE-59
Published February 7, 2023
Last update March 25, 2025

CVSS base score

5.0/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H

What the vulnerability does

01Description

NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering.

Key dates

02Disclosure timeline

February 7, 2023 CVE published
March 25, 2025 Record updated