← Back to CVEs
CVE-2025-33180
HIGH8.0
Description
NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escalation of privileges.
CVE Details
CVSS v3.1 Score8.0
SeverityHIGH
CVSS VectorCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack VectorADJACENT_NETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published2/24/2026
Last Modified2/27/2026
Sourcenvd
Honeypot Sightings0
Affected Products
nvidia:cumulus_linuxnvidia:dgx_gb200nvidia:gb300_nvl72nvidia:nvosnvidia:quantum-x800
Weaknesses (CWE)
CWE-77
References
https://nvd.nist.gov/vuln/detail/CVE-2025-33180(psirt@nvidia.com)
https://nvidia.custhelp.com/app/answers/detail/a_id/5722(psirt@nvidia.com)
https://www.cve.org/CVERecord?id=CVE-2025-33180(psirt@nvidia.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.