Improper Communication Channel Restrictions in NVIDIA RunAI
CVE-2025-33176

6.2MEDIUM

Key Information:

Vendor: Nvidia
Status: Runai
Vendor: CVE Published:; 4 November 2025

What is CVE-2025-33176?

NVIDIA RunAI for all platforms has a vulnerability that allows users to improperly restrict communication channels on adjacent networks. This weakness can be exploited to escalate privileges, resulting in potential data tampering and the unauthorized disclosure of sensitive information. Addressing this issue is crucial to maintaining the integrity and security of network communications.

Affected Version(s)

RunAI Linux All versions prior to 2.22.48

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33176

https://www.cve.org/CVERecord?id=CVE-2025-33176

https://nvidia.custhelp.com/app/answers/detail/a_id/5719

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 4, 2025
Vulnerability Reserved
Apr 15, 2025

JSON

Nvidia

What is CVE-2025-33176?

Affected Version(s)

References

CVSS V3.1

Timeline