CVE-2025-33223
Privilege Escalation in NVIDIA Isaac Launchable Enables Code Execution
Publication date: 2025-12-23
Last updated on: 2025-12-23
Assigner: NVIDIA Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | isaac_launchable | 3.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-250 | The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-33223 is a critical vulnerability in NVIDIA Isaac Launchable where an attacker can execute code with unnecessary privileges. This flaw allows attackers to perform actions such as code execution, privilege escalation, denial of service, information disclosure, and data tampering by exploiting the execution with unnecessary privileges weakness (CWE-250). [2]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized code execution, escalation of privileges allowing attackers to gain higher access than intended, denial of service disrupting normal operations, disclosure of sensitive information, and tampering with data integrity. These impacts can compromise system security and availability. [2]