CVE-2025-23242

Published Mar 11, 2025

Last updated 3 months ago

CVSS high 7.3

Overview

Description
NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure.
Source
psirt@nvidia.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.3
Impact score
3.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Severity
HIGH

Weaknesses

psirt@nvidia.com
CWE-284

Social media

Hype score
Not currently trending

  1. Actively exploited CVE : CVE-2025-23242

    @transilienceai

    2 May 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. BREAKING: Misconfigured NVIDIA Riva deployments expose AI speech + translation services to attack. Critical flaws (CVE-2025-23242, CVE-2025-23243) allow GPU abuse & model theft. Secure your cloud setups now. 🔐 Full story 👉 https://t.co/puRu5SHuN1 #AIsecurity #NVIDIA

    @threatsbank

    29 Apr 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🗞️ NVIDIA Riva Vulnerabilities Expose AI-Powered Speech Services to Unauthorized Access Trend Micro uncovered critical NVIDIA Riva vulnerabilities (CVE-2025-23242, CVE-2025-23243), allowing unauthorized access to AI speech services. Patched via responsible disclosure, these

    @gossy_84

    29 Apr 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 Heads up! Unprotected NVIDIA Riva deployments in the cloud can expose your org to serious risks. 😬 Trend Micro uncovers vulnerabilities (CVE-2025-23242 & CVE-2025-23243) leading to potential GPU abuse & data theft. Secure your Riva configs now! https://t.co/l9QNxc

    @fernandokarl

    28 Apr 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Nvidia has patched critical vulnerabilities (CVE-2025-23242 & CVE-2025-23243) in Riva AI services that could allow unauthorized access and data tampering. Update to protect against risks! 🚨 #Nvidia #AIservices #USA link: https://t.co/qVCxH6yhCk https://t.co/EjSFLxKNMe

    @TweetThreatNews

    17 Mar 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. NVIDIA Riva Triton Inference Server Missing Authentication Vulnerability (CVE-2025-23242) #CVE202523242 #NVIDIA https://t.co/qIL0lZ5YLU https://t.co/HSyNRrElC3

    @SystemTek_UK

    14 Mar 2025

    31 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  7. 🚨 CVE-2025-23242 🔴 HIGH (7.3) 🏢 NVIDIA - Riva 🏗️ All versions up to and including 2.18.0 🔗 https://t.co/qoy2zXV4f5 #CyberCron #VulnAlert #InfoSec https://t.co/vqQ790UWbI

    @cybercronai

    13 Mar 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2025-23242 NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of… https://t.co/1mk0QOpouu

    @CVEnew

    11 Mar 2025

    253 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.