NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure.
CVE ID: CVE-2025-23242
CVSS Base Severity: HIGH
CVSS Base Score: 7.3
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vendor: NVIDIA
Product: Riva
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 11.61% (scored less or equal to compared to others)
EPSS Date: 2025-04-09 (when was this score calculated)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: true