Chaining Bugs: NVIDIA GeForce Experience (GFE) Command Execution
13 May 2021 at 15:30
Reading Time: 5 minutes NVIDIA GeForce Experience (GFE) v.<= 3.21 is affected by an Arbitrary File Write vulnerability in the GameStream/ShadowPlay plugins, where log files are created using NT AUTHORITY\SYSTEM level permissions, which lead to Command Execution and Elevation of Privileges (EoP). NVIDIA Security Bulletin β April 2021 NVIDIA Acknowledgements Page Introduction Some time ago I was looking for [β¦]