CVE-2025-23253

{"id": "CVE-2025-23253", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.5, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.0}]}, "published": "2025-04-22T19:15:51.827", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5644", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-547"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering."}, {"lang": "es", "value": "El servicio NVIDIA NvContainer para Windows contiene una vulnerabilidad en el uso de OpenSSL. Un atacante podr\u00eda explotar un problema constante codificado copiando una DLL maliciosa en una ruta codificada. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar ejecuci\u00f3n de c\u00f3digo, denegaci\u00f3n de servicio, escalada de privilegios, divulgaci\u00f3n de informaci\u00f3n o manipulaci\u00f3n de datos."}], "lastModified": "2025-04-23T14:08:13.383", "sourceIdentifier": "[email protected]"}