CVE-2025-23356 HIGH

CVE-2025-23356

Vendor Nvidia
Product Isaac Lab
Weakness CWE-306 · Missing auth
Published October 14, 2025
Last update October 14, 2025

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA Isaac Lab contains a vulnerability in SB3 configuration parsing. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.

Key dates

02Disclosure timeline

October 14, 2025 CVE published
October 14, 2025 Record updated