CVE-2025-23242 HIGH

CVE-2025-23242

Vendor Nvidia

Product Riva

Weakness CWE-284

Published March 11, 2025

Last update March 11, 2025

View on NVD All CVEs

CVSS base score

7.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure.

Key dates

02Disclosure timeline

March 11, 2025 CVE published

March 11, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-23242

Related vulnerabilities

04Related CVE

CVE-2018-0119 CVE-2021-42808 The Sentinel Protection Installer 7.7.0 creates files and directory with all privileges granting any user full permissions. CVE-2024-21302 Windows Secure Kernel Mode Elevation of Privilege Vulnerability CVE-2026-40888 Frappe HR vulnerable to Improper Access Control CVE-2025-64660 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability