CVE-2025-33182
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-14

Last updated on: 2025-10-14

Assigner: NVIDIA Corporation

Description
NVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the Linux Device Tree. A successful exploitation of this vulnerability might lead to data tampering, denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-14
Last Modified
2025-10-14
Generated
2026-06-16
AI Q&A
2025-10-14
EPSS Evaluated
2026-06-15
NVD
CVE-2025-33182
EUVD
EUVD-2025-34465
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
nvidia jetson_linux 35.6.2
nvidia jetson_linux 35.6.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-33182 is a high-severity vulnerability in the UEFI implementation of NVIDIA Jetson Linux. It involves improper authentication that allows a privileged user to corrupt the Linux Device Tree. This vulnerability is classified as CWE-862 (Improper Authorization). [1]

Impact Analysis

Exploitation of this vulnerability can lead to data tampering and denial of service on affected NVIDIA Jetson Linux devices. [1]

Detection Guidance

Detection of this vulnerability involves verifying the version of Jetson Linux running on your NVIDIA Jetson Orin Series device. Specifically, check if the version is 35.6.2 or earlier, as these are affected. There are no specific commands provided to detect exploitation or presence of the vulnerability directly. You can check the installed Jetson Linux version using commands like 'dpkg -l | grep jetson-linux' or 'apt-cache policy' on the device to determine the installed package version. [1]

Mitigation Strategies

To mitigate this vulnerability, immediately update your NVIDIA Jetson Linux to version 35.6.3 or newer, where the issue is resolved. The update can be obtained and installed from the APT server or the Jetson Download Center. Applying this update will fix the improper authentication issue in UEFI and prevent potential data tampering or denial of service. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-33182. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart