CVE IDs: CVE-2025-33179, CVE-2025-33180, CVE-2025-33181 Affected Products: - Cumulus Linux GA and LTS versions prior to 5.14, 5.11.4, and 5.9.4 respectively - NVOS: GB200, GB300 (1.0), and IBSwitch XDR versions prior to 25.02.2452, 25.02.4282, and 25.02.5030 respectively Vulnerability Description: - All vulnerabilities are related to the NVUE interface in NVIDIA Cumulus Linux and NVOS. - A low-privileged user could exploit these vulnerabilities to run or inject an unauthorized command, potentially leading to privilege escalation. CVE Severity: - CVE-2025-33179 and CVE-2025-33180 have a severity score of 8.0, indicating a high severity. - CVE-2025-33181 has a severity score of 7.3, also indicating high severity. CVE Impacts: All vulnerabilities could lead to an escalation of privileges. Updated Versions: - For Cumulus Linux: 5.14, 5.11.4, 5.9.4 respectively for GA and LTS versions. - For NVOS: 25.02.2452, 25.02.4282, 25.02.5030 for GB200, GB300 (1.0), and IBSwitch XDR respectively.