DLL Hijacking Vulnerability in NVIDIA Nsight Graphics for Windows
CVE-2025-23355

6.7MEDIUM

Key Information:

Vendor: Nvidia
Status: Nsight Graphics
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-23355?

NVIDIA Nsight Graphics for Windows contains a vulnerability in its ngfx component that exposes the software to potential DLL hijacking attacks. If exploited, this vulnerability may allow an attacker to execute arbitrary code, escalate privileges, tamper with data, and even cause denial of service. This significantly compromises the integrity and security of the affected system.

Affected Version(s)

Nsight Graphics Windows All versions prior to Nsight Graphics 2025.3

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23355

https://www.cve.org/CVERecord?id=CVE-2025-23355

https://nvidia.custhelp.com/app/answers/detail/a_id/5704

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Jan 14, 2025

JSON

Nvidia

What is CVE-2025-23355?

Affected Version(s)

References

CVSS V3.1

Timeline