CVE-2025-23256_CVE-2025-23256

8.7 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H

Description

NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.

Basic Information

ID CVE-2025-23256

Source nvidia

Published Sep 4, 2025 at 15:50

Affected Product

Vendor NVIDIA

Product BlueField GA

Version All versions prior to 45.1020

Affected Versions NVIDIA BlueField GA All versions prior to 45.1020
NVIDIA BlueField LTS22 All versions prior to 35.4554
NVIDIA BlueField LTS23 All versions prior to 39.5050
NVIDIA BlueField LTS24 All versions prior to 43.3608

CWE Classification

CWE-863

References

{
    "lastseen": "",
    "description": "NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.",
    "published": "2025-09-04T15:50:50.490Z",
    "modified": "2025-09-04T15:50:50.490Z",
    "type": "cve",
    "title": "CVE-2025-23256",
    "source": "nvidia",
    "references": "https://nvd.nist.gov/vuln/detail/CVE-2025-23256\nhttps://www.cve.org/CVERecord?id=CVE-2025-23256\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5655",
    "id": "CVE-2025-23256",
    "bulletinFamily": "",
    "cwe": [
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "NVIDIA BlueField GA All versions prior to 45.1020\nNVIDIA BlueField LTS22 All versions prior to 35.4554\nNVIDIA BlueField LTS23 All versions prior to 39.5050\nNVIDIA BlueField LTS24 All versions prior to 43.3608",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "BlueField GA",
    "version": "All versions prior to 45.1020",
    "vendor": "NVIDIA",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}