Improper Authentication in NVIDIA Jetson Linux UEFI Vulnerability
CVE-2025-33182

7.6HIGH

Key Information:

Vendor: Nvidia
Status: Jetson Orin Series; Jetson Xavier Series
Vendor: CVE Published:; 14 October 2025

What is CVE-2025-33182?

NVIDIA Jetson Linux is vulnerable due to improper authentication in its UEFI implementation. This flaw allows a privileged user to manipulate the Linux Device Tree, potentially resulting in data tampering and denial of service. The exploitation of this vulnerability can have significant impacts on system integrity and reliability.

Affected Version(s)

Jetson Orin Series Linux 35.6.2 and earlier

Jetson Xavier Series Linux 35.6.2 and earlier

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5716

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
Apr 15, 2025

JSON

Nvidia

What is CVE-2025-33182?

Affected Version(s)

References

CVSS V3.1

Timeline