The vulnerability exists due to incorrect processing of special formatted links in NVIDIA GeForce Experience software. A remote attacker can create a specially crafted link that opens the GeForce Experience login page in a new browser tab instead of the application and enters their login information. The malicious site can get access to the token of the user login session. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet. We are not aware of known malware exploiting this vulnerability. The vulnerability has been described as a ‘medium risk'”]