NVIDIA Display Driver Vulnerability Leads to Potential Escalation of Privileges and Code Execution
CVE-2025-23309

8.2HIGH

Key Information:

Vendor: Nvidia
Status: Geforce; Nvidia Rtx, Quadro, Nvs; Tesla
Vendor: CVE Published:; 10 October 2025

What is CVE-2025-23309?

A vulnerability in the NVIDIA Display Driver allows for an uncontrolled DLL loading path leading to significant security risks. This could result in unauthorized code execution, data tampering, and potential escalation of privileges, which may compromise system integrity and user data.

Affected Version(s)

GeForce Windows(R580) All driver versions prior to 581.42

NVIDIA RTX, Quadro, NVS Windows(R535) All driver versions prior to 539.56

NVIDIA RTX, Quadro, NVS Windows(R570) All driver versions prior to 573.76

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23309

https://www.cve.org/CVERecord?id=CVE-2025-23309

https://nvidia.custhelp.com/app/answers/detail/a_id/5703

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2025
Vulnerability Reserved
Jan 14, 2025

JSON

Nvidia

What is CVE-2025-23309?

Affected Version(s)

References

CVSS V3.1

Timeline