CVE-2025-33208
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-03
Last updated on: 2025-12-04
Assigner: NVIDIA Corporation
Description
Description
NVIDIA TAO contains a vulnerability where an attacker may cause a resource to be loaded via an uncontrolled search path. A successful exploit of this vulnerability may lead to escalation of privileges, data tampering, denial of service, information disclosure.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | tao | 6.25.9 |
| nvidia | tao | 6.25.7 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-427 | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in NVIDIA TAO involves an attacker causing a resource to be loaded through an uncontrolled search path. This means the attacker can manipulate the way the software locates and loads resources, potentially leading to unauthorized actions.
How can this vulnerability impact me? :
Exploiting this vulnerability can lead to escalation of privileges, data tampering, denial of service, and information disclosure, which can severely affect system security and data integrity.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70