Description
daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program.
References (2)
Core 2
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/957036
Vendor Advisory x_refsource_confirm
http://www.nvidia.com/object/product-security.html
Scores
EPSS
0.0005
EPSS Percentile
14.6%
Details
Status
published
Products (2)
nvidia/driver
310.00
nvidia/driver
< 307.00
Published
Apr 08, 2013
Tracked Since
Feb 18, 2026