CVE-2025-23290

LOW EPSS 3.3%

Published Aug 2, 202511mo ago · Modified Jun 17, 20261w ago

2.5 CVSS 3.1

Low

Published Aug 2, 2025 11mo ago

Last Modified Jun 17, 2026 1w ago

Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get global GPU metrics which may be influenced by work in other VMs. A successful exploit of this vulnerability might lead to information disclosure.

CVSS Details

Base Score

2.5

Exploitability

1.0

Impact

1.4

Vector string

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector Local

Attack Complexity High

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality Low

Integrity None

Availability None

Threat Intelligence

EPSS Exploit Probability

3.3% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

References 1

nvidia.custhelp.com https://nvidia.custhelp.com/app/answers/detail/a_id/5670

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.