- Description
- NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
- Source
- psirt@nvidia.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@nvidia.com
- CWE-94
- Hype score
- Not currently trending
[ZDI-25-1041|CVE-2025-33183] NVIDIA Isaac-GR00T TorchSerializer Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVSS 9.8; Credit: Peter Girnus (@gothburz) of Trend Zero Day Initiative) https://t.co/dyOSkZUfyQ
@TheZDIBugs
4 Dec 2025
3475 Impressions
1 Retweet
8 Likes
3 Bookmarks
0 Replies
1 Quote
CVE-2025-33183 NVIDIA Isaac-GR00T Python Component Code Injection Vulnerability Enables Remote Attack https://t.co/VRwe7N1O0H
@VulmonFeeds
18 Nov 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes