CVE-2025-23297
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-01
Last updated on: 2025-10-02
Assigner: NVIDIA Corporation
Description
Description
NVIDIA Installer for NvAPP for Windows contains a vulnerability in the FrameviewSDK installation process, where an attacker with local unprivileged access could modify files in the Frameview SDK directory. A successful exploit of this vulnerability might lead to escalation of privileges.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | nvidia_installer | 11.0.5.245 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the NVIDIA Installer for NvAPP on Windows, specifically in the FrameviewSDK installation process. An attacker with local unprivileged access could modify files in the Frameview SDK directory, which could lead to escalation of privileges.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker with limited local access to escalate their privileges, potentially gaining higher-level access to the system and causing significant harm.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70