CVE-2025-23253 | THREATINT

Description

NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.

PUBLISHED Reserved 2025-01-14 | Published 2025-04-22 | Updated 2025-04-22 | Assigner nvidia

LOW: 2.5CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Problem types

CWE-547 Use of Hard-coded, Security-relevant Constants

Product status

Default status

unaffected

All versions up to and including 11.0.2.337 (prod2 hotfix)

affected

References

nvidia.custhelp.com/app/answers/detail/a_id/5644

cve.org (CVE-2025-23253)

nvd.nist.gov (CVE-2025-23253)

Download JSON