NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service.
Advisories
Source ID Title
EUVD EUVD EUVD-2025-32046 NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 22 Oct 2025 16:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:nvidia:nsight_graphics:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Thu, 02 Oct 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 02 Oct 2025 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft
Microsoft windows
Nvidia
Nvidia nsight Graphics
Vendors & Products Microsoft
Microsoft windows
Nvidia
Nvidia nsight Graphics

Wed, 01 Oct 2025 21:30:00 +0000

Type Values Removed Values Added
Description NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service.
Weaknesses CWE-427
References
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published:

Updated: 2025-10-03T03:55:32.293Z

Reserved: 2025-01-14T01:07:26.680Z

Link: CVE-2025-23355

cve-icon Vulnrichment

Updated: 2025-10-02T13:37:39.386Z

cve-icon NVD

Status : Analyzed

Published: 2025-10-01T22:15:30.663

Modified: 2025-10-22T15:50:29.027

Link: CVE-2025-23355

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-10-02T08:38:17Z