CVE ID: CVE-2025-23262 Published Date: 2025-09-04 Updated Date: 2025-09-04 CNA: NVIDIA Corporation Description: NVIDIA ConnectX contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering. CWE: CWE-863: Incorrect Authorization CVSS Score: 8.3 (Medium) Affected Products: - ConnectX GA: All versions prior to 45.1020 - ConnectX LTS22: All versions prior to 35.4554 - ConnectX LTS23: All versions prior to 39.5050 - ConnectX LTS24: All versions prior to 43.3608 - ConnectX-4: All versions prior to 12.28.2704 - ConnectX-4 LX: All versions prior to 14.32.1908