CVE-2025-33231

MEDIUM EPSS 5.1%
Published Jan 20, 20265mo ago · Modified Jun 17, 20262w ago
6.7 CVSS 3.1
Medium
Find Similar
Published Jan 20, 2026 5mo ago
Last Modified Jun 17, 2026 2w ago

Description

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service and information disclosure.

CVSS Details

Base Score
6.7
Exploitability
0.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
5.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-427

Affected Products 2

VendorProductVersionRange
nvidiacuda_toolkit* <13.1.0
microsoftwindows*any

References 3

  • nvd.nist.gov https://nvd.nist.gov/vuln/detail/CVE-2025-33231
    US Government ResourceVDB Entry
  • nvidia.custhelp.com https://nvidia.custhelp.com/app/answers/detail/a_id/5755
    PatchVendor Advisory
  • cve.org https://www.cve.org/CVERecord?id=CVE-2025-33231
    Third Party Advisory

Remediation

  • nvidia.custhelp.com https://nvidia.custhelp.com/app/answers/detail/a_id/5755
    PatchVendor Advisory