CVE-2025-23352

HIGH 7.8

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

CWE	CWE-824
Vendor	nvidia
Product	virtual gpu manager
Published	Oct 23, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for nvidia virtual gpu manager

Be the first to know when new high vulnerabilities affecting nvidia virtual gpu manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

NVIDIA / Virtual GPU Manager

580.82.02(All versions up to and including the August 2025 release)

NVIDIA / Virtual GPU Manager

580.82.02(All versions prior to and including vGPU 19.1)

NVIDIA / Virtual GPU Manager

570.172.07(All versions prior to and including vGPU 18.4)

NVIDIA / Virtual GPU Manager

535.261.04(All versions prior to and including vGPU 16.11)

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2025-23352 cve.org: https://www.cve.org/CVERecord?id=CVE-2025-23352 nvidia.custhelp.com: https://nvidia.custhelp.com/app/answers/detail/a_id/5703