CVE-2025-23262 | THREATINT

Description

NVIDIA ConnectX contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.

PUBLISHED Reserved 2025-01-14 | Published 2025-09-04 | Updated 2025-09-04 | Assigner nvidia

MEDIUM: 6.3CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H

Problem types

CWE-863 Incorrect Authorization

Product status

Default status

unaffected

All versions prior to 45.1020

affected

Default status

unaffected

All versions prior to 35.4554

affected

Default status

unaffected

All versions prior to 39.5050

affected

Default status

unaffected

All versions prior to 43.3608

affected

Default status

unaffected

All versions prior to 12.28.2704

affected

Default status

unaffected

All versions prior to 14.32.1908

affected

References

nvd.nist.gov/vuln/detail/CVE-2025-23262

www.cve.org/CVERecord?id=CVE-2025-23262

nvidia.custhelp.com/app/answers/detail/a_id/5655

cve.org (CVE-2025-23262)

nvd.nist.gov (CVE-2025-23262)

Download JSON

help @ threatint.eu