CVE-2025-23258 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.3 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
nvidia	CNA	7.3 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-732 - Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Vulnerability Media Exposure

[GERMAN] Schwachstellen: KI- und Netzwerktechnik von Nvidia ist angreifbar
Sicherheitsupdates schließen Lücken in unter anderem Nvidias KI-Plattformen DGX und HGX.
Published: 2025-09-05T08:00:00+00:00

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23258

https://nvidia.custhelp.com/app/answers/detail/a_id/5655

https://www.cve.org/CVERecord?id=CVE-2025-23258