Unrated severityNVD Advisory· Published Jun 25, 2021· Updated Aug 3, 2024
CVE-2021-1073
CVE-2021-1073
Description
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of the user login session, leading to the possibility that the user’s account is compromised. This may lead to the targeted user’s data being accessed, altered, or lost.
Affected products
2- Range: <3.23
- NVIDIA/NVIDIA GeForce Experience Softwarev5Range: All versions prior to 3.23
Patches
Vulnerability mechanics
References
1- nvidia.custhelp.com/app/answers/detail/a_id/5199mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.