NVIDIA Details Three GeForce Experience Vulnerabilities

The FPS Review may receive a commission if you purchase something after clicking a link in this article.


In a new security bulletin, NVIDIA revealed that its GeForce Experience software contained three vulnerabilities that could have led to denial of service, escalation of privileges, code execution, or information disclosure. Thankfully, these have all been patched already, but we’ve copied the details of each vulnerability below for those of you who are curious what components were affected and how they ranked in severity.

NVIDIA GeForce Experience is usually configured to update automatically, so users can simply launch the program for the software security update. The updated version is


CVE IDsDescriptionBase ScoreVector
CVE‑2020‑5977NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.8.2AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
CVE‑2020‑5990NVIDIA GeForce Experience contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.7.3AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE‑2020‑5978NVIDIA GeForce Experience contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.3.2AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L

“The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk to your local installation,” the company explains. “NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.”

Security Updates

CVE IDs AddressedSoftware ProductOperating SystemAffected VersionsUpdated Version
GeForce ExperienceWindowsAll versions prior to

If you don’t have GeForce Experience, you can grab that here. NVIDIA recently added a bunch of interesting features, like an enhanced in-game overlay, new performance panel with one-click automatic GPU tuning, and 8K HDR Shadowplay Recording.

Tsing Mui
News poster at The FPS Review.

Recent News