CVE-2025-23243

Published Mar 11, 2025

Last updated 24 days ago

CVSS medium 6.5

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-23243 is a vulnerability found in NVIDIA Riva. It stems from an improper access control issue, where a user could potentially bypass intended restrictions. Successful exploitation of this vulnerability could lead to data tampering or a denial of service. The vulnerability is remotely exploitable and doesn't require authentication.

Description
NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service.
Source
psirt@nvidia.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.5
Impact score
2.5
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Severity
MEDIUM

Weaknesses

psirt@nvidia.com
CWE-284

Social media

Hype score
Not currently trending

  1. Nvidia has patched critical vulnerabilities (CVE-2025-23242 & CVE-2025-23243) in Riva AI services that could allow unauthorized access and data tampering. Update to protect against risks! 🚨 #Nvidia #AIservices #USA link: https://t.co/qVCxH6yhCk https://t.co/EjSFLxKNMe

    @TweetThreatNews

    17 Mar 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [ZDI-25-144|CVE-2025-23243] NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability (CVSS:6.5; Credit: David Fiser and Alfredo Oliveira (Nebula of Trend Micro) https://t.co/wImhAyBYu7

    @TheZDIBugs

    13 Mar 2025

    2531 Impressions

    8 Retweets

    8 Likes

    2 Bookmarks

    0 Replies

    1 Quote

  3. CVE-2025-23243 03/11/2025 08:15:16 PM BaseSeverity: MEDIUM NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tam... https://t.co/51IUd1pnDe

    @CVETracker

    12 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-23243 NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tamperin… https://t.co/yNSXrBhB9g

    @CVEnew

    11 Mar 2025

    234 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References