CVE-2020-5963

HIGH

NVIDIA Windows GPU Display Driver - RCE

Title source: llm
STIX 2.1

Description

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
https://nvidia.custhelp.com/app/answers/detail/a_id/5031
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4404-2/
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4404-1/

Scores

CVSS v3 7.8
EPSS 0.0005
EPSS Percentile 16.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (7)
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 19.10
canonical/ubuntu_linux 20.04
nvidia/geforce_firmware 390 - 390.138
nvidia/nvs_firmware 390 - 390.138
nvidia/quadro_firmware 390 - 390.138
nvidia/tesla_firmware 418 - 418.152.00
Published Jun 25, 2020
Tracked Since Feb 18, 2026