CVE-2022-42291
Published: 07 February 2023
Summary
CVE-2022-42291 is a high-severity Insecure Operation on Windows Junction / Mount Point (CWE-1386) vulnerability in Nvidia Geforce Experience. Its CVSS base score is 8.2 (High).
Operationally, ranked at the 32.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-45366
Vulnerability details
NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. An attacker does not have explicit control over…
more
the exploitation of this vulnerability, which requires the user to explicitly launch the installer from the compromised directory.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.