CVE-2025-23262

🗓️ 04 Sep 2025 15:52:49Reported by nvidiaType

Local attacker can modify configuration due to an authorization flaw in NVIDIA ConnectX management interface, enabling denial of service, privilege escalation, data tampering, and disclosure.

Reporter	Title	Published	Views	Family All 9
CNNVD	NVIDIA ConnectX 安全漏洞	4 Sep 202500:00	–	cnnvd
CNVD	Unspecified Vulnerability in NVIDIA ConnectX (CNVD-2025-21179)	8 Sep 202500:00	–	cnvd
Cvelist	CVE-2025-23262	4 Sep 202515:52	–	cvelist
EUVD	EUVD-2025-26730	3 Oct 202520:07	–	euvd
NVD	CVE-2025-23262	4 Sep 202516:15	–	nvd
Nvidia	Security Bulletin: NVIDIA Bluefield, ConnectX, DOCA, Mellanox DPDK, Cumulus Linux and NVOS - September 2025	2 Sep 202500:00	–	nvidia
Positive Technologies	PT-2025-36006	4 Sep 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-23262	6 Sep 202516:10	–	redhatcve
Vulnrichment	CVE-2025-23262	4 Sep 202515:52	–	vulnrichment

Vulners

Node

nvidia connectx_gaRange<45.1020

nvidia connectx_lts22Range<35.4554

nvidia connectx_lts23Range<39.5050

nvidia connectx_lts24Range<43.3608

nvidia connectx-4Range<12.28.2704

nvidia connectx-4_lxRange<14.32.1908

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "ConnectX-6 DE",
      "ConnectX-6 DX",
      "ConnectX-6 LX",
      "ConnectX-7",
      "ConnectX-8"
    ],
    "product": "ConnectX GA",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 45.1020"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "ConnectX-5",
      "ConnectX-6",
      "ConnectX-6 DE",
      "ConnectX-6 DX",
      "ConnectX-6 LX",
      "ConnectX-7"
    ],
    "product": "ConnectX LTS22",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 35.4554"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "ConnectX-6",
      "ConnectX-6 DE",
      "ConnectX-6 DX",
      "ConnectX-6 LX",
      "ConnectX-7"
    ],
    "product": "ConnectX LTS23",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 39.5050"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "ConnectX-6",
      "ConnectX-6 DE",
      "ConnectX-6 DX",
      "ConnectX-6 LX",
      "ConnectX-7"
    ],
    "product": "ConnectX LTS24",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 43.3608"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "N/A-12.28"
    ],
    "product": "ConnectX-4",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 12.28.2704"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "N/A-14.32"
    ],
    "product": "ConnectX-4 LX",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 14.32.1908"
      }
    ]
  }
]

Source	Link
cve	www.cve.org/CVERecord
nvidia	www.nvidia.custhelp.com/app/answers/detail/a_id/5655
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-23262

15 Apr 2026 00:35Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.3

EPSS0.00019

SSVC

CWE-863