Cyber Resilience

CVE-2025-23303

High

Published: 13 August 2025

Published
13 August 2025
Modified
23 September 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0324 87.4th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-23303 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Nvidia Nemo. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 12.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

NVIDIA NeMo Framework for all platforms is affected by CVE-2025-23303, a deserialization of untrusted data vulnerability tracked under CWE-502. The flaw permits an attacker to trigger remote code execution through crafted input, with a CVSS 3.1 base score of 7.8 reflecting high impact on confidentiality, integrity, and availability.

An authenticated local user with low privileges can exploit the issue without user interaction by supplying malicious serialized data to the framework. Successful exploitation results in arbitrary code execution and data tampering on the affected system.

The EPSS score remains flat at 0.0324 with no material increase after disclosure. Official details and updates are available in the NVIDIA security advisory and the NVD entry linked from the CVE record.

EU & UK References

Vulnerability details

NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Unsafe deserialization enables local low-privileged arbitrary code execution, directly facilitating exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-23360Same product: Apple Macos
CVE-2025-23304Same product: Apple Macos
CVE-2026-9970Same product: Apple Macos
CVE-2026-7919Same product: Apple Macos
CVE-2026-9960Same product: Apple Macos
CVE-2026-9998Same product: Apple Macos
CVE-2026-9931Same product: Apple Macos
CVE-2026-7985Same product: Apple Macos
CVE-2026-9909Same product: Apple Macos
CVE-2026-9997Same product: Apple Macos

Affected Assets

nvidia
nemo
≤ 2.3.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Flaw remediation directly mitigates the deserialization vulnerability by applying patches to prevent exploitation leading to code execution and data tampering.

prevent

Information input validation ensures untrusted data is checked before deserialization, directly preventing the unsafe deserialization attack vector.

prevent

Memory protection safeguards such as non-executable memory prevent arbitrary code execution resulting from deserialization exploits.

References