CVE-2025-23244

Published May 1, 2025

Last updated 9 hours ago

CVSS high 7.8

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-23244 affects Progress MOVEit Transfer (SFTP module). It involves an Improper Privilege Management vulnerability. Specifically, users configured as Shared Accounts are susceptible to Privilege Escalation. The issue impacts MOVEit Transfer versions from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, and from 2024.1.0 before 2024.1.2. Additionally, CVE-2025-23244 has been identified in the NVIDIA GPU Display Driver for Linux. This vulnerability could allow an unprivileged attacker to escalate permissions, potentially leading to code execution, denial of service, information disclosure, and data tampering.

Description
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Source
psirt@nvidia.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

psirt@nvidia.com
CWE-863

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. CVE-2025-23244 NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerab… https://t.co/b6Ac4OIIBE

    @CVEnew

    1 May 2025

    263 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-23244: Found a fun bug on mobile GPU, and yay not surprisingly it worked on other GPUs too https://t.co/YmjSu6WW53

    @1ce0ear

    30 Apr 2025

    7670 Impressions

    14 Retweets

    148 Likes

    46 Bookmarks

    6 Replies

    1 Quote

  3. Új biztonsági hibát tárt fel az NVIDIA a Linux GPU-illesztőprogramjaiban Az NVIDIA friss biztonsági közleményében egy új sebezhetőségre hívta fel a figyelmet Linux rendszereken használt grafikus kártya-illesztőprogramjaikban. A CVE-2025-23244 azonosítójú hiba

    @linuxmint_hun

    28 Apr 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️ Vulnerability Alert: NVIDIA GPU Driver and vGPU Software Vulnerabilities 📅 Timeline: Disclosure: 2025-04-24, Patch: 2025-04-24 📌 Attribution: Bill Creasey - Google 🆔 CVE: CVE-2025-23244 📊 Base Score: 7.8 📏 CVSS Metrics: AV:L/AC:L/PR:L/UI:N/S:U/C:H

    @syedaquib77

    26 Apr 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References