CVE-2025-33218 - Vulnerability Details

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Nvidia Subscribe	Geforce Subscribe Gpu Display Driver Subscribe Quadro Subscribe Rtx Subscribe Rtx Pro Subscribe Tesla Subscribe

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Nvidia Subscribe	Geforce Subscribe Gpu Display Driver Subscribe Quadro Subscribe Rtx Subscribe Rtx Pro Subscribe Tesla Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2025-33218
https://nvidia.custhelp.com/app/answers/detail/a_id/5747
https://www.cve.org/CVERecord?id=CVE-2025-33218

History

Thu, 29 Jan 2026 10:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Nvidia Nvidia geforce Nvidia gpu Display Driver Nvidia quadro Nvidia rtx Nvidia rtx Pro Nvidia tesla
Vendors & Products		Nvidia Nvidia geforce Nvidia gpu Display Driver Nvidia quadro Nvidia rtx Nvidia rtx Pro Nvidia tesla

Wed, 28 Jan 2026 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 28 Jan 2026 18:00:00 +0000

Type	Values Removed	Values Added
Description		NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
Weaknesses		CWE-190
References		https://nvd.nist.gov/vuln/detail/CVE-2025-33218 https://nvidia.custhelp.com/app/answers/detail/a_id/5747 https://www.cve.org/CVERecord?id=CVE-2025-33218
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2026-01-28T17:47:25.322Z

Updated: 2026-01-29T04:55:51.373Z

Reserved: 2025-04-15T18:51:06.915Z

Link: CVE-2025-33218

Vulnrichment

Updated: 2026-01-28T18:13:40.230Z

NVD

Status : Received

Published: 2026-01-28T18:16:48.540

Modified: 2026-01-28T18:16:48.540

Link: CVE-2025-33218

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-01-29T09:08:55Z

Weaknesses

CWE-190

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object