CVE-2020-5957: 
NVIDIA Graphics Driver vulnerability analysis and mitigation

NVIDIA Windows GPU Display Driver contains a vulnerability (CVE-2020-5957) in the NVIDIA Control Panel component that was discovered in February 2020. The vulnerability affects all versions of the NVIDIA Windows GPU Display Driver, including GeForce, Quadro, NVS, and Tesla products. This security flaw was reported by Zhiniang Peng (@edwardzpeng) of Qihoo 360 Core Security and Xuefeng Li (Vendor Advisory).

The vulnerability has a CVSS v3.1 base score of 8.4 (High severity) with the vector AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H. The flaw exists in the NVIDIA Control Panel component where an attacker with local system access can corrupt a system file (Vendor Advisory, Threatpost).

If successfully exploited, this vulnerability can lead to denial of service (DoS) or escalation of privileges on the affected system. The high severity rating indicates significant potential impact on system security (Vendor Advisory).

NVIDIA has released security updates to address this vulnerability. For GeForce, Quadro, and NVS Windows users, the patched versions include: R440 version 442.50, R430 version 432.28, R418 version 426.50, and R390 version 392.59. Tesla Windows users should update to version 442.50 for R440 branches or 426.50 for R418 branches (Vendor Advisory).