CVE-2019-5688 Vulnerability Details

  /     /     /  

CVE-2019-5688 Metadata Quick Info

CVE Published: 18/11/2019 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: nvidia | Vendor: NVIDIA | Product: NVIDIA NVFlash, NVUFlash, GPUModeSwitch Tool
Status : PUBLISHED

CVE-2019-5688 Description

NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: escalation of privileges, information disclosure, denial of service.
Source: NVIDIA

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description: