CVE-2013-0109

NVIDIA Display Driver <307.78 & R310<311.00 - Privilege Escalation/DoS via Exception Handling

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-0109. PoCs published by Metasploit, Peter Wintersmith, Ben Campbell, including Metasploit module exploits/windows/local/nvidia_nvsvc.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in the NVIDIA Display Driver Service (nvsvc) via a named pipe with NULL DACL, allowing local privilege escalation on vulnerable Windows systems.

Description

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows_x86-64

https://www.exploit-db.com/exploits/30393

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow in the NVIDIA Display Driver Service (nvsvc) via a named pipe with NULL DACL, allowing local privilege escalation on vulnerable Windows systems.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: NVIDIA Display Driver Service (nvvsvc.exe) versions dated Nov 3 2011, Aug 30 2012, and Dec 1 2012

Auth required

Prerequisites: Authenticated local access · Vulnerable NVIDIA driver version · Service running

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1106 - Native API

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

by Peter Wintersmith, Ben Campbell · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/nvidia_nvsvc.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack-based buffer overflow in the NVIDIA Display Driver Service (nvsvc) via a named pipe with NULL DACL, allowing local privilege escalation on vulnerable Windows systems.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: NVIDIA Display Driver Service (nvvsvc.exe) versions dated Nov 3 2011, Aug 30 2012, and Dec 1 2012

Auth required

Prerequisites: Authenticated local access to the target system · NVIDIA Display Driver Service running with vulnerable version · Named pipe \\.\pipe\nsvr accessible

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548.002 - Bypass User Account Control

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/957036

Patch, Vendor Advisory x_refsource_confirm

http://www.nvidia.com/object/product-security.html

Scores

EPSS 0.0447

EPSS Percentile 90.2%

Details

CWE

CWE-119

Status published

Products (2)

nvidia/display_driver 310.00

nvidia/display_driver < 307.00

Published Apr 08, 2013

Tracked Since Feb 18, 2026