AI description
CVE-2025-23243 is a vulnerability found in NVIDIA Riva. It stems from an improper access control issue, where a user could potentially bypass intended restrictions. Successful exploitation of this vulnerability could lead to data tampering or a denial of service. The vulnerability is remotely exploitable and doesn't require authentication.
- Description
- NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service.
- Source
- psirt@nvidia.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
- Severity
- MEDIUM
- psirt@nvidia.com
- CWE-284
- Hype score
- Not currently trending
BREAKING: Misconfigured NVIDIA Riva deployments expose AI speech + translation services to attack. Critical flaws (CVE-2025-23242, CVE-2025-23243) allow GPU abuse & model theft. Secure your cloud setups now. 🔐 Full story 👉 https://t.co/puRu5SHuN1 #AIsecurity #NVIDIA
@threatsbank
29 Apr 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🗞️ NVIDIA Riva Vulnerabilities Expose AI-Powered Speech Services to Unauthorized Access Trend Micro uncovered critical NVIDIA Riva vulnerabilities (CVE-2025-23242, CVE-2025-23243), allowing unauthorized access to AI speech services. Patched via responsible disclosure, these
@gossy_84
29 Apr 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Heads up! Unprotected NVIDIA Riva deployments in the cloud can expose your org to serious risks. 😬 Trend Micro uncovers vulnerabilities (CVE-2025-23242 & CVE-2025-23243) leading to potential GPU abuse & data theft. Secure your Riva configs now! https://t.co/l9QNxc
@fernandokarl
28 Apr 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Nvidia has patched critical vulnerabilities (CVE-2025-23242 & CVE-2025-23243) in Riva AI services that could allow unauthorized access and data tampering. Update to protect against risks! 🚨 #Nvidia #AIservices #USA link: https://t.co/qVCxH6yhCk https://t.co/EjSFLxKNMe
@TweetThreatNews
17 Mar 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ZDI-25-144|CVE-2025-23243] NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability (CVSS:6.5; Credit: David Fiser and Alfredo Oliveira (Nebula of Trend Micro) https://t.co/wImhAyBYu7
@TheZDIBugs
13 Mar 2025
2531 Impressions
8 Retweets
8 Likes
2 Bookmarks
0 Replies
1 Quote
CVE-2025-23243 03/11/2025 08:15:16 PM BaseSeverity: MEDIUM NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tam... https://t.co/51IUd1pnDe
@CVETracker
12 Mar 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23243 NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tamperin… https://t.co/yNSXrBhB9g
@CVEnew
11 Mar 2025
234 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes