CVE-2025-23281

High CVSS 7.0

Overview

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a race condition might be able to trigger a use-after-free error. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

CWE: CWE-416 Published: 2025-08-02T22:15:44.993

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.0 (HIGH)
Detected tags: dos, info_leak, race (tag impact: VERY HIGH)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.
Reduce verbose errors, remove debug endpoints, minimize PII in logs.
Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags