CVE-2021-1073 is a vulnerability in NVIDIA Geforce Experience
Published on June 25, 2021

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of the user login session, leading to the possibility that the users account is compromised. This may lead to the targeted users data being accessed, altered, or lost.

NVD

Vulnerability Analysis

CVE-2021-1073 can be exploited with network access, requires user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Products Associated with CVE-2021-1073

Want to know whenever a new CVE is published for NVIDIA Geforce Experience? stack.watch will email you.

NVIDIA Geforce Experience

Affected Versions

NVIDIA GeForce Experience Software Version All versions prior to 3.23 is affected by CVE-2021-1073

Exploit Probability

EPSS

0.31%

Percentile

53.68%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-1073 is a vulnerability in NVIDIA Geforce ExperiencePublished on June 25, 2021

Vulnerability Analysis

Products Associated with CVE-2021-1073

Affected Versions

Exploit Probability

CVE-2021-1073 is a vulnerability in NVIDIA Geforce Experience
Published on June 25, 2021