CVE-2025-23342
BaseFortify
Publication date: 2025-09-09
Last updated on: 2025-09-18
Assigner: NVIDIA Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | nvdebug | to 1.7.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-522 | The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-23342 is a vulnerability in the NVIDIA NVDebug tool that may allow an attacker with local access and low privileges to gain access to a privileged account. Exploiting this vulnerability can lead to severe impacts such as code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The vulnerability is related to insufficiently protected credentials (CWE-522). [1]
How can this vulnerability impact me? :
This vulnerability can have serious impacts including unauthorized code execution, denial of service, escalation of privileges allowing attackers to gain higher access rights, disclosure of sensitive information, and tampering with data. These impacts can compromise system security, availability, and data integrity. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should download and install the latest NVDebug tool update from the NVIDIA Developer Tools page. The issue is resolved in version 1.7.0 and later, so upgrading to version 1.7.0 or newer will address the vulnerability. [2]