CVE-2025-33231

Description

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service and information disclosure.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

NVIDIA / CUDA ToolkitAll versions prior to CUDA Toolkit 13.1 – All versions prior to CUDA Toolkit 13.1

References

CONFIRMhttps://nvd.nist.gov/vuln/detail/CVE-2025-33231
CONFIRMhttps://www.cve.org/CVERecord?id=CVE-2025-33231
MISChttps://nvidia.custhelp.com/app/answers/detail/a_id/5755