NVIDIA Virtual GPU Manager Multiple Vulnerabilities (October 2025)

🗓️ 17 Oct 2025 00:00:00Reported by TenableType

NVIDIA Virtual GPU Manager vulnerable to uninitialized pointer access enabling code execution, denial of service, and data tampering.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-23352	23 Oct 202518:44	–	circl
CNNVD	NVIDIA Virtual GPU Manager 缓冲区错误漏洞	23 Oct 202500:00	–	cnnvd
CVE	CVE-2025-23352	23 Oct 202518:36	–	cve
Cvelist	CVE-2025-23352	23 Oct 202518:36	–	cvelist
EUVD	EUVD-2025-35725	23 Oct 202521:31	–	euvd
NVD	CVE-2025-23352	23 Oct 202519:15	–	nvd
Nvidia	Security Bulletin: NVIDIA GPU Display Drivers - October 2025	9 Oct 202500:00	–	nvidia
RedhatCVE	CVE-2025-23352	30 Oct 202512:11	–	redhatcve
Vulnrichment	CVE-2025-23352	23 Oct 202518:36	–	vulnrichment

Source	Link
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(270686);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/24");

  script_cve_id("CVE-2025-23352");
  script_xref(name:"IAVA", value:"2025-A-0736-S");

  script_name(english:"NVIDIA Virtual GPU Manager Multiple Vulnerabilities (October 2025)");

  script_set_attribute(attribute:"synopsis", value:
"A GPU virtualization application installed on the remote host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The NVIDIA Virtual GPU Manager software on the remote host is missing a security update. It is, therefore, affected by
 a vulnerability where a malicious guest could cause uninitialized pointer access. A successful exploit of this 
 vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version 
number.");
  # https://nvidia.custhelp.com/app/answers/detail/a_id/5670/~/security-bulletin%3A-nvidia-gpu-display-driver---july-2025
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3251f5e4");
  script_set_attribute(attribute:"solution", value:
"Upgrade the NVIDIA vGPU Manager software in accordance with the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-23352");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/10/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/10/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/10/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:nvidia:virtual_gpu_manager");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("nvidia_vgpu_manager_installed.nbin");
  script_require_keys("installed_sw/NVIDIA Virtual GPU Manager", "os_fingerprint.nasl");

  exit(0);
}

include('vcf.inc');

var app_info = vcf::get_app_info(app:'NVIDIA Virtual GPU Manager');

var constraints = [
  { 'min_version' : '535.0', 'fixed_version' : '535.274.03', 'fixed_display' : '16.12 (535.274.03)' },
  { 'min_version' : '570.0', 'fixed_version' : '570.195.02', 'fixed_display' : '18.5 (570.195.02)' },
  { 'min_version' : '580.0', 'fixed_version' : '580.95.02', 'fixed_display' : '19.2 (580.95.02)' }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);

24 Feb 2026 00:00Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.17.8

EPSS0.00024

SSVC