CVE-2025-33218

High

Published: 28 January 2026

Published

28 January 2026

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0001 0.4th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-33218 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Custhelp (inferred from references). Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the integer overflow vulnerability in the NVIDIA GPU Display Driver kernel mode layer by identifying, testing, and deploying vendor-provided patches.

SI-16 Memory Protection partial match

prevent

Memory protection mechanisms like ASLR, DEP, and stack canaries mitigate arbitrary code execution resulting from the integer overflow in kernel mode.

RA-5 Vulnerability Monitoring and Scanning partial match

detect

Vulnerability scanning identifies systems with vulnerable versions of the NVIDIA GPU Display Driver affected by this CVE.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

Integer overflow in Windows kernel-mode NVIDIA driver directly enables local low-privileged arbitrary code execution and privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial…

of service, or information disclosure.

Deeper analysisAI

CVE-2025-33218 is an integer overflow vulnerability (CWE-190) in the kernel mode layer (nvlddmkm.sys) of the NVIDIA GPU Display Driver for Windows. An attacker could trigger this issue, potentially leading to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. The vulnerability received a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-01-28T18:16:48.540.

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows arbitrary code execution in kernel mode, privilege escalation from a low-privilege context, data tampering, denial of service, or information disclosure, all within the unchanged security scope.

Mitigation details and patches are documented in advisories from NVIDIA at https://nvidia.custhelp.com/app/answers/detail/a_id/5747, as well as the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2025-33218 and the CVE record at https://www.cve.org/CVERecord?id=CVE-2025-33218. Security practitioners should consult these resources for applicable updates to the affected NVIDIA GPU Display Driver for Windows.