CVE-2025-23309_CVE-2025-23309

8.2 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Description

NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering.

Basic Information

ID CVE-2025-23309

Source nvidia

Published Oct 10, 2025 at 17:40

Affected Product

Vendor NVIDIA

Product GeForce

Version All driver versions prior to 581.42

Affected Versions NVIDIA GeForce All driver versions prior to 581.42
NVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 581.42
NVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 573.76
NVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 539.56
NVIDIA Tesla All driver versions prior to 581.42
NVIDIA Tesla All driver versions prior to 573.76
NVIDIA Tesla All driver versions prior to 539.56

CWE Classification

CWE-427

References

{
    "lastseen": "",
    "description": "NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering.",
    "published": "2025-10-10T17:40:42.076Z",
    "modified": "2025-10-10T17:40:42.076Z",
    "type": "cve",
    "title": "CVE-2025-23309",
    "source": "nvidia",
    "references": "https://nvd.nist.gov/vuln/detail/CVE-2025-23309\nhttps://www.cve.org/CVERecord?id=CVE-2025-23309\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5703",
    "id": "CVE-2025-23309",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "NVIDIA GeForce All driver versions prior to 581.42\nNVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 581.42\nNVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 573.76\nNVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 539.56\nNVIDIA Tesla All driver versions prior to 581.42\nNVIDIA Tesla All driver versions prior to 573.76\nNVIDIA Tesla All driver versions prior to 539.56",
    "sourceHref": "",
    "cvss": {
        "score": 8.2,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GeForce",
    "version": "All driver versions prior to 581.42",
    "vendor": "NVIDIA",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}