CVE-2025-23263

NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause escalation of privileges and denial of service on the VLAN.

CVSS v3 7.6 HIGH

7.6^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 5.5

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5654

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) NVIDIA DOCA-Host y Mellanox OFED contienen una vulnerabilidad en la función VGT+, donde un atacante en una VM podría provocar una escalada de privilegios y una denegación de servicio en la VLAN.

17 Jul 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-17 18:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-23263

Mitre link : CVE-2025-23263

CVE.ORG link : CVE-2025-23263

JSON object : View

Products Affected

No product.

CWE

CWE-279

Incorrect Execution-Assigned Permissions

7.6 /10