Code Injection Vulnerability in NVIDIA Isaac-GR00T Software
CVE-2025-33183

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Isaac-gr00t N1.5
Vendor: CVE Published:; 18 November 2025

What is CVE-2025-33183?

NVIDIA Isaac-GR00T for all platforms exhibits a security vulnerability in its Python component that may allow attackers to exploit code injection. If successfully executed, this vulnerability can lead to unauthorized code execution, escalated privileges, potential information disclosure, and data tampering, posing significant risks to system integrity and user data security.

Affected Version(s)

NVIDIA Isaac-GR00T N1.5 All All versions that do not include code commit 7f53666

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33183

https://www.cve.org/CVERecord?id=CVE-2025-33183

https://nvidia.custhelp.com/app/answers/detail/a_id/5725

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2025
Vulnerability Reserved
Apr 15, 2025

JSON

Nvidia

What is CVE-2025-33183?

Affected Version(s)

References

CVSS V3.1

Timeline