Path Traversal Vulnerability in NVIDIA Nemo Framework
CVE-2025-23360

7.1HIGH

Key Information:

Vendor: Nvidia
Status: Nemo Framework
Vendor: CVE Published:; 11 March 2025

What is CVE-2025-23360?

The NVIDIA Nemo Framework is impacted by a vulnerability that allows for a relative path traversal through arbitrary file writing. An attacker could exploit this flaw to execute unauthorized code or alter data, leading to significant security risks. It is crucial for users of the Nemo Framework to be aware of this vulnerability and implement necessary security practices to mitigate potential exploitation.

Affected Version(s)

NeMo Framework Windows All versions prior to 24.12

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5623

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Jan 14, 2025

Nvidia

What is CVE-2025-23360?

Affected Version(s)

References

CVSS V3.1

Timeline