关键漏洞信息 CVE-2025-23344 Detail CVE Dictionary Entry: CVE-2025-23344 NVD Published Date: 09/09/2025 NVD Last Modified: 09/09/2025 Source: NVIDIA Corporation Description The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the platform host as a non-privileged user. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering. Metrics CVSS Version 3.x - Base Score: 7.3 HIGH - Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H References to Advisories, Solutions, and Tools https://nvd.nist.gov/vuln/detail/CVE-2025-23344 (NVIDIA Corporation) https://nvidia.custhelp.com/app/answers/detail/a_id/5696 (NVIDIA Corporation) https://www.cve.org/CVERecord?id=CVE-2025-23344 (NVIDIA Corporation) Weakness Enumeration CWE-ID: CWE-78 CWE Name: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Source: NVIDIA Corporation Change History 1 change record found [show changes]