NVIDIA Delegated Licensing Service Vulnerability Leads to Unauthorized Actions
CVE-2025-23291

2.4LOW

Key Information:

Vendor: Nvidia
Status: Dls Component Of Nvidia License System
Vendor: CVE Published:; 30 September 2025

What is CVE-2025-23291?

The NVIDIA Delegated Licensing Service across all appliance platforms is susceptible to a vulnerability that allows attackers to execute authorized actions unexpectedly. When exploited, this defect may result in the unintentional disclosure of sensitive information, representing a significant risk to user data security and privacy.

Affected Version(s)

DLS component of NVIDIA License System All All versions prior to v3.5.1 and v3.1.7

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23291

https://www.cve.org/CVERecord?id=CVE-2025-23291

https://nvidia.custhelp.com/app/answers/detail/a_id/5705

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 30, 2025
Vulnerability Reserved
Jan 14, 2025

JSON

Nvidia

What is CVE-2025-23291?

Affected Version(s)

References

CVSS V3.1

Timeline