NVIDIA has released an important software security update for the NVIDIA App on Windows systems, addressing a high-severity local privilege escalation vulnerability (CVE-2025-23358) that could allow attackers to execute arbitrary code with elevated privileges.
According to NVIDIA’s official bulletin, “NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges.”
The flaw, which carries a CVSS v3.1 base score of 8.2 (High), impacts all NVIDIA App versions prior to 11.0.5.260.
The vulnerability resides in the Windows installer component of the NVIDIA App — the desktop client that manages GPU drivers, game settings, and system optimizations for GeForce users.
NVIDIA describes the issue as a “search path element vulnerability,” a class of weakness that occurs when software loads resources or executables from unsafe or uncontrolled directories. In this case, a local attacker could exploit the installer’s improper search path configuration to inject and execute malicious DLLs or scripts during installation or updates.
If successfully exploited, the attacker could gain elevated privileges on the target system, effectively allowing them to run arbitrary code with administrative rights. NVIDIA warns that exploitation could “lead to code execution and escalation of privileges,” meaning that a compromised user account could become a system-wide threat.
NVIDIA recommends all users download and install the latest version of the NVIDIA App (v11.0.5.260) immediately.
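To confirm whether a given Windows machine is still below the fixed release, the installed version can be read from the standard uninstall registry keys and compared against 11.0.5.260. The PowerShell below is an added example, not NVIDIA's own tooling. It assumes the product registers with a DisplayName of "NVIDIA App" and a dotted numeric DisplayVersion; the function name and the sample version strings are constructed for illustration.

```powershell
# Fixed version as stated in the article; anything lower is affected.
$FixedVersion = [version]'11.0.5.260'
# Assumption: the uninstall entry's DisplayName is exactly "NVIDIA App".
$NamePattern  = '^NVIDIA App$'

# Machine-wide uninstall keys (64-bit and 32-bit views).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Hypothetical helper: classify a DisplayVersion string against the fixed build.
function Test-NvAppVersion {
    param([string]$DisplayVersion, [version]$Fixed = $FixedVersion)
    $parsed = $null
    # A missing or non-numeric version is reported, not guessed at.
    if (-not [version]::TryParse($DisplayVersion, [ref]$parsed)) { return 'Unknown' }
    if ($parsed -lt $Fixed) { 'Vulnerable' } else { 'Patched' }
}

$found = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $NamePattern }

if (-not $found) {
    Write-Output 'NVIDIA App not found in the machine-wide uninstall keys.'
} else {
    $found | ForEach-Object {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = Test-NvAppVersion -DisplayVersion $_.DisplayVersion
        }
    }
}

# Constructed sample strings showing how each case is classified.
'11.0.4.100', '11.0.5.260', '11.1.0.0', 'not-a-version' | ForEach-Object {
    '{0,-14} -> {1}' -f $_, (Test-NvAppVersion -DisplayVersion $_)
}
```

An 'Unknown' result means the version string could not be parsed and the host should be checked by hand, not treated as patched.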