CVE-2025-23342Insufficiently Protected Credentials in Nvidia Nvdebug

CWE-522Insufficiently Protected Credentials4 documents4 sources
Severity
9.8CRITICALNVD
CNA8.2
EPSS
0.1%
top 83.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia NvdebugNvidia Nvdebug Tool
Timeline
PublishedSep 9
Latest updateOct 31

Description

The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5nvidia/nvdebug_toolAll versions prior to 1.7.0
NVDnvidia/nvdebug< 1.7.0

🔴Vulnerability Details

2
GHSA
GHSA-mp9w-cfqh-r6h7: The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account2025-09-09
CVEList
CVE-2025-23342: The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account2025-09-09

💬Community

1
Bugzilla
CVE-2025-6075 python: Quadratic complexity in os.path.expandvars() with user-controlled template2025-10-31
CVE-2025-23342 — Insufficiently Protected Credentials | cvebase