CVE-2025-23253
Published: 22 April 2025
Summary
CVE-2025-23253 is a low-severity Use of Hard-coded, Security-relevant Constants (CWE-547) vulnerability in Custhelp (inferred from references). Its CVSS base score is 2.5 (Low).
Operationally, ranked at the 28.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-12266
Vulnerability details
NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to…
more
code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.