CVE-2025-23347

Summary

NVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate permissions. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.

Affected Software

VendorProductVersion RangeStatus
NVIDIAGeForceAll driver versions prior to 581.42affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 581.42affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 573.76affected
NVIDIATeslaAll driver versions prior to 581.42affected
NVIDIATeslaAll driver versions prior to 573.76affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References