CVE-2025-23305

{"id": "CVE-2025-23305", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-08-13T18:15:30.103", "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23305", "tags": ["Technical Description"], "source": "[email protected]"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5685", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-23305", "tags": ["Technical Description"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering."}, {"lang": "es", "value": "NVIDIA Megatron-LM para todas las plataformas contiene una vulnerabilidad en el componente de herramientas, donde un atacante podr\u00eda explotar un problema de inyecci\u00f3n de c\u00f3digo. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo, la escalada de privilegios, la divulgaci\u00f3n de informaci\u00f3n y la manipulaci\u00f3n de datos."}], "lastModified": "2025-09-19T17:05:48.740", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:megatron-lm:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DCE9E29-E9C4-449E-B916-4C16C45E5F94", "versionEndExcluding": "0.12.2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}