CVE-2025-23292
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-30

Last updated on: 2025-10-02

Assigner: NVIDIA Corporation

Description
NVIDIA Delegated Licensing Service for all appliance platforms contains a SQL injection vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to partial denial of service (UI component).
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-30
Last Modified
2025-10-02
Generated
2026-06-16
AI Q&A
2025-09-30
EPSS Evaluated
2026-06-15
NVD
CVE-2025-23292
EUVD
EUVD-2025-31762
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nvidia delegated_licensing_service *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-943 The product generates a query intended to access or manipulate data in a data store such as a database, but it does not neutralize or incorrectly neutralizes special elements that can modify the intended logic of the query.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a SQL injection issue in the NVIDIA Delegated Licensing Service for all appliance platforms. It allows a user or attacker to perform an authorized action improperly by injecting malicious SQL code. Exploiting this vulnerability can lead to a partial denial of service affecting the user interface component.

Impact Analysis

The impact of this vulnerability includes a partial denial of service, specifically affecting the UI component of the NVIDIA Delegated Licensing Service. This means that users may experience disruptions or degraded functionality in the service's user interface.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-23292. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart