Path Traversal Vulnerability in NVIDIA Nemo Framework
CVE-2025-23360

7.1HIGH

Key Information:

Vendor: Nvidia
Status: Nemo Framework
Vendor: CVE Published:; 11 March 2025

Summary

The NVIDIA Nemo Framework is impacted by a vulnerability that allows for a relative path traversal through arbitrary file writing. An attacker could exploit this flaw to execute unauthorized code or alter data, leading to significant security risks. It is crucial for users of the Nemo Framework to be aware of this vulnerability and implement necessary security practices to mitigate potential exploitation.

Affected Version(s)

NeMo Framework Windows All versions prior to 24.12

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5623

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Jan 14, 2025