What is CVE-2022-42291?

A high-severity vulnerability in NVIDIA GeForce Experience's installer can lead to data tampering. User action is required for exploitation, but organizations should address this issue promptly.

What is the severity of CVE-2022-42291?

CVE-2022-42291 has a severity rating of HIGH with a CVSS base score of 8.2.

CVE-2022-42291 | High Vulnerability in NVIDIA GeForce Experience

NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. An attacker does not have explicit control over the exploitation of this vulnerability, which requires the user to explicitly launch the installer from the compromised directory.

This vulnerability has been assigned a CVSS score of 8.2, categorizing it as high severity. The risk to organizations includes the potential for significant data integrity and availability issues if exploited. Given the nature of the vulnerability, it is crucial for organizations to prioritize patching immediately.

The vulnerability was published on February 7, 2023, and has since been modified. Organizations using affected versions of NVIDIA GeForce Experience should be aware that exploitation requires user interaction, making the attack vector local. However, this does not lessen the importance of addressing the vulnerability promptly.

According to the latest data, this vulnerability is not part of the Known Exploited Vulnerabilities (KEV) catalog, and no public exploits have been confirmed. However, organizations are encouraged to remain vigilant and monitor for any updates regarding this vulnerability.

Vulnerability Details

The vulnerability affects NVIDIA GeForce Experience versions prior to 3.27.0.112. It is classified under CWE-1386 and CWE-59, indicating issues related to improper handling of symbolic links and path traversal vulnerabilities.

Technical Analysis

The root cause of this vulnerability lies in how the NVIDIA GeForce Experience installer handles linked directories. The exploitation requires the user to launch the installer from a compromised location, which could potentially lead to unauthorized data deletion and manipulation.

The attack vector is local, meaning an attacker would need physical or remote access to the machine. The attack complexity is classified as low, implying that an attacker could easily exploit the vulnerability if the user interaction is achieved.

No privileges are required for exploitation, but user interaction is necessary, making it critical for users to be aware of the risks associated with launching installers from untrusted sources.

The impact on confidentiality is none, while the integrity and availability impacts are both high, indicating a severe effect on data handling if the vulnerability is exploited.

Risk & Impact Analysis

Risk to organizations includes the potential for significant data loss or corruption, which can disrupt operations and lead to financial losses. Organizations that use NVIDIA GeForce Experience should assess their exposure to this vulnerability and take necessary actions to mitigate risks.

The urgency of remediation is high due to the potential impact on data integrity and availability. Organizations should prioritize addressing this vulnerability in their patch cycles.

Given the exploitation status is currently unknown, organizations should remain proactive in monitoring for any developments related to this vulnerability.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The vulnerability affects all versions of NVIDIA GeForce Experience prior to version 3.27.0.112. Organizations should ensure they are using a patched version to mitigate this risk.

Mitigation & Remediation

Organizations should prioritize patching NVIDIA GeForce Experience to the latest version. If an immediate patch is not available, consider implementing workarounds such as restricting user permissions and monitoring user actions when installing software.

For further guidance on securing your systems, organizations can refer to penetration testing services that can help identify vulnerabilities.

Detection Guidance

Organizations should monitor logs for unexpected installer executions and changes in linked directories. Behavioral anomalies during software installations can also indicate potential exploitation.

AppSecure Threat Intelligence Insight

This vulnerability highlights the importance of user awareness in security practices. Organizations should educate users about the risks of executing installers from untrusted or compromised locations.

Security teams should also consider implementing comprehensive security assessments, such as application security assessments, to ensure all components are secure.

Long-term, organizations should adopt a proactive approach to cybersecurity by integrating regular continuous penetration testing into their security strategies.

Additionally, being aware of trends in vulnerabilities, such as those reported in vulnerability management programs, can help organizations stay ahead of potential threats.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-42291: High Vulnerability in NVIDIA GeForce Experience