CVE-2025-0468
Published: 04 April 2025
Summary
CVE-2025-0468 is a high-severity Improper Handling of Insufficient Permissions or Privileges (CWE-280) vulnerability in Imaginationtech (inferred from references). Its CVSS base score is 7.1 (High).
Operationally, ranked at the 39.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-9894
Vulnerability details
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by…
more
the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.