CVE-2020-5958: 
NVIDIA Graphics Driver vulnerability analysis and mitigation

NVIDIA Windows GPU Display Driver contains a vulnerability (CVE-2020-5958) in the NVIDIA Control Panel component that affects all versions. The vulnerability was disclosed in February 2020 and impacts various NVIDIA products including GeForce, Quadro, NVS, and Tesla graphics drivers for Windows operating systems (NVIDIA Advisory).

The vulnerability exists in the NVIDIA Control Panel component where an attacker with local system access can plant a malicious DLL file. The vulnerability has a CVSS v3.1 base score of 6.7 (AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H), indicating moderate severity. The vulnerability requires local access and user interaction to exploit (NVIDIA Advisory, NVD).

If successfully exploited, this vulnerability can lead to code execution, denial of service, or information disclosure on affected systems. The vulnerability affects multiple NVIDIA GPU driver versions across different product lines (NVIDIA Advisory).

NVIDIA has released security updates to address this vulnerability. For GeForce, Quadro, and Tesla products running Windows, users should update to version 442.50 for R440 branches, 432.28 for R430 branches, 426.50 for R418 branches, and 392.59 for R390 branches. Hardware vendors may also provide Windows GPU display driver versions 442.05 and 436.73 containing the security updates (NVIDIA Advisory).