Home

Description

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might lead to escalation of privileges.

PUBLISHED Reserved 2025-04-15 | Published 2026-02-24 | Updated 2026-02-24 | Assigner nvidia




HIGH: 8.0CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-266 Incorrect Privilege Assignment

Product status

Default status
unaffected

All versions prior to 5.14 (5.13.x, 5.12.x, and older GA versions)
affected

Default status
unaffected

All versions prior to 5.11.4
affected

Default status
unaffected

All versions prior to 5.9.4
affected

Default status
unaffected

All versions prior to 1.3 - 25.02.244
affected

Default status
unaffected

All versions prior to 25.02.4282
affected

Default status
unaffected

All versions prior to 25.02.5030
affected

References

nvd.nist.gov/vuln/detail/CVE-2025-33179

www.cve.org/CVERecord?id=CVE-2025-33179

nvidia.custhelp.com/app/answers/detail/a_id/5722

cve.org (CVE-2025-33179)

nvd.nist.gov (CVE-2025-33179)

Download JSON