7.8

CVE-2020-5964

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure.

Data is provided by the National Vulnerability Database (NVD)
NvidiaQuadro Firmware Version >= 390 < 392.61
   NvidiaQuadro Version-
NvidiaQuadro Firmware Version >= 418 < 426.78
   NvidiaQuadro Version-
NvidiaQuadro Firmware Version >= 440 < 443.18
   NvidiaQuadro Version-
NvidiaQuadro Firmware Version >= 450 < 451.48
   NvidiaQuadro Version-
NvidiaTesla Firmware Version >= 418 < 426.78
   NvidiaTesla Version-
NvidiaTesla Firmware Version >= 440 < 443.18
   NvidiaTesla Version-
NvidiaTesla Firmware Version >= 450 < 451.48
   NvidiaTesla Version-
NvidiaGeforce Experience Version < 3.20.4
   MicrosoftWindows Version-
NvidiaNvs Firmware Version >= 390 < 392.61
   NvidiaNvs Version-
NvidiaNvs Firmware Version >= 418 < 426.78
   NvidiaNvs Version-
NvidiaNvs Firmware Version >= 440 < 443.18
   NvidiaNvs Version-
NvidiaNvs Firmware Version >= 450 < 451.48
   NvidiaNvs Version-
NvidiaGeforce Firmware Version >= 450 < 451.48
   NvidiaGeforce Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.035
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE-345 Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.