CVE-2021-1073: 
NVIDIA GeForce Experience vulnerability analysis and mitigation

CVE-2021-1073 is a security vulnerability discovered in NVIDIA GeForce Experience software that was disclosed in June 2021. The vulnerability affects all versions of GeForce Experience prior to version 3.23 on Windows operating systems. This security issue is related to a flaw in the login flow mechanism of the application (NVIDIA Security).

The vulnerability exists in the login flow when a user attempts to log in using a browser while other web pages are loaded in different tabs of the same browser. The technical flaw allows unauthorized access to the user login session token. The vulnerability has been assigned a CVSS v3.1 base score of 8.3 with the vector AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H, indicating high severity (NVIDIA Security).

If exploited, this vulnerability could lead to information disclosure, data tampering, or denial of service. Specifically, the compromised login session token could allow attackers to access, alter, or delete targeted user's data. The impact is particularly significant as it affects the user's account security and privacy (NVIDIA Security).

NVIDIA has released a security update to address this vulnerability in GeForce Experience version 3.23. Users are advised to download and install the software update through the GeForce Experience Downloads page or open the client to automatically apply the security update. For users running earlier versions, upgrading to the latest release version is recommended (NVIDIA Security).