NVIDIA Delegated Licensing Service Vulnerability Leads to Unauthorized Actions
CVE-2025-23291

2.4LOW

Key Information:

Vendor: Nvidia
Status: Dls Component Of Nvidia License System
Vendor: CVE Published:; 30 September 2025

What is CVE-2025-23291?

The NVIDIA Delegated Licensing Service across all appliance platforms is susceptible to a vulnerability that allows attackers to execute authorized actions unexpectedly. When exploited, this defect may result in the unintentional disclosure of sensitive information, representing a significant risk to user data security and privacy.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

DLS component of NVIDIA License System All All versions prior to v3.5.1 and v3.1.7

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23291

https://www.cve.org/CVERecord?id=CVE-2025-23291

https://nvidia.custhelp.com/app/answers/detail/a_id/5705

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 30, 2025
Vulnerability Reserved
Jan 14, 2025

JSON

Nvidia