CVE-2025-33221
Analyzed Analyzed - Analysis Complete
Incorrect Permission Assignment in NVIDIA Display Driver

Publication date: 2026-05-26

Last updated on: 2026-06-11

Assigner: NVIDIA Corporation

Description
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-26
Last Modified
2026-06-11
Generated
2026-06-16
AI Q&A
2026-05-26
EPSS Evaluated
2026-06-14
NVD
CVE-2025-33221
EUVD
EUVD-2025-209936
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
nvidia gpu_display_driver From 595 (inc) to 595.71.05 (exc)
nvidia gpu_display_driver From 535 (inc) to 535.309.01 (exc)
nvidia gpu_display_driver From 580 (inc) to 580.159.03 (exc)
nvidia gpu_display_driver From 535 (inc) to 539.72 (exc)
nvidia gpu_display_driver From 580 (inc) to 582.53 (exc)
nvidia gpu_display_driver From 595 (inc) to 595.36 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability in the NVIDIA Display Driver involves incorrect permission assignment for a critical resource, which could lead to data tampering and denial of service.

While the vulnerability could potentially impact data integrity and availability, there is no specific information provided about its direct effects on compliance with standards such as GDPR or HIPAA.

Therefore, any impact on compliance would depend on the context in which the affected systems are used and how the vulnerability might be exploited to affect protected data.

Executive Summary

CVE-2025-33221 is a vulnerability in the NVIDIA Display Driver for Windows and Linux, specifically in the kernel driver component. The issue involves an incorrect permission assignment for a critical resource, which means that the system may grant inappropriate access rights to certain users.

This improper permission assignment could be exploited by a user to perform unauthorized actions such as data tampering or causing a denial of service.

Impact Analysis

If exploited, this vulnerability could allow an attacker with certain privileges to tamper with data or disrupt system availability by causing a denial of service.

The impact is primarily on system integrity and availability, as confidentiality is not affected according to the CVSS metrics.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-33221. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart