Improper Access Control Vulnerability in NVIDIA Riva Products
CVE-2025-23242

7.3HIGH

Key Information:

Vendor: Nvidia
Status: Riva
Vendor: CVE Published:; 11 March 2025

Badges

📰 News Worthy

What is CVE-2025-23242?

A vulnerability has been identified in NVIDIA Riva that allows improper access control. This could potentially be exploited to escalate privileges, resulting in unauthorized data modification, denial of service, or even disclosure of sensitive information. Users of affected Riva versions should take precautions to mitigate risks associated with this vulnerability.

Affected Version(s)

Riva Linux All versions up to and including 2.18.0

News Articles

Oracle

CVE-2025-23242 CVE-2025-23243

NVIDIA Support

Details This section provides a summary of potential vulnerabilities that this security update addresses and their impact. Descriptions use CWE™, and base scores and vectors use CVSS v3.1...

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5625

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by Oracle
Mar 17, 2025
Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Jan 14, 2025

Nvidia