CVE-2025-33176
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-04
Last updated on: 2025-11-06
Assigner: NVIDIA Corporation
Description
Description
NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent network. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, and information disclosure.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | runai | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-923 | The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in NVIDIA RunAI allows a user to improperly restrict communication channels on an adjacent network. Exploiting this flaw could enable the attacker to escalate privileges, tamper with data, and disclose information.
How can this vulnerability impact me? :
The impact includes potential escalation of privileges, data tampering, and information disclosure, which could compromise system security and data integrity.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70