CVE-2025-23307

{"id": "CVE-2025-23307", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-08-26T19:15:38.397", "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23307", "tags": ["Technical Description"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5690", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-23307", "tags": ["Technical Description"], "source": "psirt@nvidia.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering."}, {"lang": "es", "value": "NVIDIA NeMo Curator para todas las plataformas contiene una vulnerabilidad que permite la inyecci\u00f3n de c\u00f3digo mediante un archivo malicioso creado por un atacante. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo, la escalada de privilegios, la divulgaci\u00f3n de informaci\u00f3n y la manipulaci\u00f3n de datos."}], "lastModified": "2025-10-01T19:58:20.903", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:nemo_curator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A779C9D-0345-44B3-BEDA-EA8BA3E54F4B", "versionEndExcluding": "25.07"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@nvidia.com"}