CVE-2025-23291

LOW2.4

Description

NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

None

Availability

None

Affected products

NVIDIA / DLS component of NVIDIA License SystemAll versions prior to v3.5.1 and v3.1.7 – All versions prior to v3.5.1 and v3.1.7

References

CONFIRMhttps://nvd.nist.gov/vuln/detail/CVE-2025-23291
CONFIRMhttps://www.cve.org/CVERecord?id=CVE-2025-23291
MISChttps://nvidia.custhelp.com/app/answers/detail/a_id/5705