Vulnerability-Lookup

CVE-2025-33237 (GCVE-0-2025-33237)

Vulnerability from cvelistv5 – Published: 2026-01-28 17:49 – Updated: 2026-01-28 18:02

Summary

NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.

Severity

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-476 - NULL Pointer Dereference

Assigner

nvidia

References

3 references

URL	Tags
https://nvd.nist.gov/vuln/detail/CVE-2025-33237
https://www.cve.org/CVERecord?id=CVE-2025-33237
https://nvidia.custhelp.com/app/answers/detail/a_…

Impacted products

2 products

Vendor	Product	Version
NVIDIA	GeForce	Affected: All driver versions prior to 1.4.5.7
NVIDIA	RTX, Quadro, NVS	Affected: All driver versions prior to 1.4.5.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-33237",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-28T18:02:05.399768Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-28T18:02:25.586Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows(R590)"
          ],
          "product": "GeForce",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 1.4.5.7"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows(R590)"
          ],
          "product": "RTX, Quadro, NVS",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 1.4.5.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service."
            }
          ],
          "value": "NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-28T17:49:02.521Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33237"
        },
        {
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-33237"
        },
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "NVIDIA PSIRT"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2025-33237",
    "datePublished": "2026-01-28T17:49:02.521Z",
    "dateReserved": "2025-04-15T18:51:08.191Z",
    "dateUpdated": "2026-01-28T18:02:25.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-33237",
      "date": "2026-06-29",
      "epss": "0.00115",
      "percentile": "0.0184"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-33237\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2026-01-28T18:16:49.027\",\"lastModified\":\"2026-06-17T09:13:17.250\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.\"},{\"lang\":\"es\",\"value\":\"NVIDIA HD Audio Driver para Windows contiene una vulnerabilidad donde un atacante podr\u00eda explotar un problema de desreferencia de puntero NULL. Si la vulnerabilidad se explota con \u00e9xito se podr\u00eda provocar una denegaci\u00f3n de servicio.\"}],\"affected\":[{\"source\":\"psirt@nvidia.com\",\"affectedData\":[{\"vendor\":\"NVIDIA\",\"product\":\"GeForce\",\"defaultStatus\":\"unaffected\",\"platforms\":[\"Windows(R590)\"],\"versions\":[{\"version\":\"All driver versions prior to 1.4.5.7\",\"status\":\"affected\"}]},{\"vendor\":\"NVIDIA\",\"product\":\"RTX, Quadro, NVS\",\"defaultStatus\":\"unaffected\",\"platforms\":[\"Windows(R590)\"],\"versions\":[{\"version\":\"All driver versions prior to 1.4.5.7\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-01-28T18:02:05.399768Z\",\"id\":\"CVE-2025-33237\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"references\":[{\"url\":\"https://nvd.nist.gov/vuln/detail/CVE-2025-33237\",\"source\":\"psirt@nvidia.com\"},{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5747\",\"source\":\"psirt@nvidia.com\"},{\"url\":\"https://www.cve.org/CVERecord?id=CVE-2025-33237\",\"source\":\"psirt@nvidia.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-33237\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-28T18:02:05.399768Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-28T18:02:13.250Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Denial of service\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"NVIDIA\", \"product\": \"GeForce\", \"versions\": [{\"status\": \"affected\", \"version\": \"All driver versions prior to 1.4.5.7\"}], \"platforms\": [\"Windows(R590)\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"NVIDIA\", \"product\": \"RTX, Quadro, NVS\", \"versions\": [{\"status\": \"affected\", \"version\": \"All driver versions prior to 1.4.5.7\"}], \"platforms\": [\"Windows(R590)\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://nvd.nist.gov/vuln/detail/CVE-2025-33237\"}, {\"url\": \"https://www.cve.org/CVERecord?id=CVE-2025-33237\"}, {\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5747\"}], \"x_generator\": {\"engine\": \"NVIDIA PSIRT\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.\", \"base64\": true}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"shortName\": \"nvidia\", \"dateUpdated\": \"2026-01-28T17:49:02.521Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-33237\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-28T18:02:25.586Z\", \"dateReserved\": \"2025-04-15T18:51:08.191Z\", \"assignerOrgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"datePublished\": \"2026-01-28T17:49:02.521Z\", \"assignerShortName\": \"nvidia\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

BDU:2026-01838

Vulnerability from fstec - Published: 28.01.2026

Title

Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, связанная с разыменованием указателей, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce связана с разыменованием указателей. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

NVIDIA Corp.

Software Name

NVS R590, Quadro R590, NVIDIA RTX R590, GeForce R590

Software Version

до 1.4.5.7 (NVS R590), до 1.4.5.7 (Quadro R590), до 1.4.5.7 (NVIDIA RTX R590), до 1.4.5.7 (GeForce R590)

Possible Mitigations

Использование рекомендаций производителя: Обновление программного обеспечения до версий 1.4.5.7: https://www.nvidia.com/en-us/security/ https://nvidia.custhelp.com/app/answers/detail/a_id/5747

Reference

https://nvidia.custhelp.com/app/answers/detail/a_id/5747 https://www.nvidia.com/en-us/security/

CWE

CWE-476

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "NVIDIA Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 1.4.5.7 (NVS R590), \u0434\u043e 1.4.5.7 (Quadro R590), \u0434\u043e 1.4.5.7 (NVIDIA RTX R590), \u0434\u043e 1.4.5.7 (GeForce R590)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0439 1.4.5.7: \nhttps://www.nvidia.com/en-us/security/\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5747",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "28.01.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.02.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.02.2026",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2026-01838",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-33237",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "NVS R590, Quadro R590, NVIDIA RTX R590, GeForce R590",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows - ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f NULL (CWE-476)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 NVIDIA NVS, Quadro, NVIDIA RTX, GeForce \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747\nhttps://www.nvidia.com/en-us/security/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-476",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

FKIE_CVE-2025-33237

Vulnerability from fkie_nvd - Published: 2026-01-28 18:16 - Updated: 2026-06-17 09:13

Severity

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@nvidia.com	https://nvd.nist.gov/vuln/detail/CVE-2025-33237
	psirt@nvidia.com	https://nvidia.custhelp.com/app/answers/detail/a_id/5747
	psirt@nvidia.com	https://www.cve.org/CVERecord?id=CVE-2025-33237

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows(R590)"
          ],
          "product": "GeForce",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 1.4.5.7"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows(R590)"
          ],
          "product": "RTX, Quadro, NVS",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 1.4.5.7"
            }
          ]
        }
      ],
      "source": "psirt@nvidia.com"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service."
    },
    {
      "lang": "es",
      "value": "NVIDIA HD Audio Driver para Windows contiene una vulnerabilidad donde un atacante podr\u00eda explotar un problema de desreferencia de puntero NULL. Si la vulnerabilidad se explota con \u00e9xito se podr\u00eda provocar una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2025-33237",
  "lastModified": "2026-06-17T09:13:17.250",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "psirt@nvidia.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2025-33237",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2026-01-28T18:02:05.399768Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2026-01-28T18:16:49.027",
  "references": [
    {
      "source": "psirt@nvidia.com",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33237"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33237"
    }
  ],
  "sourceIdentifier": "psirt@nvidia.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "psirt@nvidia.com",
      "type": "Secondary"
    }
  ]
}

GHSA-67QQ-RJ26-WJ76

Vulnerability from github – Published: 2026-01-28 18:30 – Updated: 2026-01-28 18:30

Details

Severity

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-33237"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-28T18:16:49Z",
    "severity": "MODERATE"
  },
  "details": "NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.",
  "id": "GHSA-67qq-rj26-wj76",
  "modified": "2026-01-28T18:30:49Z",
  "published": "2026-01-28T18:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33237"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33237"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

WID-SEC-W-2026-0235

Vulnerability from csaf_certbund - Published: 2026-01-27 23:00 - Updated: 2026-03-17 23:00

Summary

Nvidia Treiber: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: NVidia ist ein Hersteller von Grafikkarten.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Nvidia Treiber ausnutzen, um beliebigen Programmcode auszuführen, um einen Denial of Service Angriff durchzuführen, um Informationen offenzulegen, um seine Privilegien zu erhöhen, und um Daten zu manipulieren.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2025-33217

Affected products

Known affected 4 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Nvidia Treiber Nvidia	`cpe:/a:nvidia:display_driver:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—

CVE-2025-33218

Affected products

Known affected 4 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Nvidia Treiber Nvidia	`cpe:/a:nvidia:display_driver:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—

CVE-2025-33219

Affected products

Known affected 4 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Nvidia Treiber Nvidia	`cpe:/a:nvidia:display_driver:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—

CVE-2025-33220

Affected products

Known affected 4 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Nvidia Treiber Nvidia	`cpe:/a:nvidia:display_driver:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—

CVE-2025-33237

Affected products

Known affected 4 products

Product	Identifier	Version
HP Computer HP	`cpe:/h:hp:computer:-`	—
Nvidia Treiber Nvidia	`cpe:/a:nvidia:display_driver:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—

References

6 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://nvidia.custhelp.com/app/answers/detail/a_…	external
https://www.dell.com/support/kbdoc/000398669	external
https://support.lenovo.com/us/en/product_security…	external
https://support.hp.com/de-de/document/ish_1444277…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "NVidia ist ein Hersteller von Grafikkarten.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Nvidia Treiber ausnutzen, um beliebigen Programmcode auszuf\u00fchren, um einen Denial of Service Angriff durchzuf\u00fchren, um Informationen offenzulegen, um seine Privilegien zu erh\u00f6hen, und um Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0235 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0235.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0235 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0235"
      },
      {
        "category": "external",
        "summary": "NVIDIA Security Bulletin vom 2026-01-27",
        "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-015 vom 2026-01-29",
        "url": "https://www.dell.com/support/kbdoc/000398669"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-210045 vom 2026-02-10",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-210045"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04099 vom 2026-03-13",
        "url": "https://support.hp.com/de-de/document/ish_14442778-14444847-16/HPSBHF04099"
      }
    ],
    "source_lang": "en-US",
    "title": "Nvidia Treiber: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-03-17T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-18T08:48:15.746+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0235",
      "initial_release_date": "2026-01-27T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-01-27T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-01-28T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von European Union Vulnerability Database und Dell aufgenommen"
        },
        {
          "date": "2026-02-10T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von LENOVO aufgenommen"
        },
        {
          "date": "2026-03-17T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T049788",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HP Computer",
            "product": {
              "name": "HP Computer",
              "product_id": "T032784",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T048897",
              "product_identification_helper": {
                "cpe": "cpe:/h:lenovo:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Nvidia Treiber",
            "product": {
              "name": "Nvidia Treiber",
              "product_id": "T050372",
              "product_identification_helper": {
                "cpe": "cpe:/a:nvidia:display_driver:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Nvidia"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-33217",
      "product_status": {
        "known_affected": [
          "T032784",
          "T050372",
          "T048897",
          "T049788"
        ]
      },
      "release_date": "2026-01-27T23:00:00.000+00:00",
      "title": "CVE-2025-33217"
    },
    {
      "cve": "CVE-2025-33218",
      "product_status": {
        "known_affected": [
          "T032784",
          "T050372",
          "T048897",
          "T049788"
        ]
      },
      "release_date": "2026-01-27T23:00:00.000+00:00",
      "title": "CVE-2025-33218"
    },
    {
      "cve": "CVE-2025-33219",
      "product_status": {
        "known_affected": [
          "T032784",
          "T050372",
          "T048897",
          "T049788"
        ]
      },
      "release_date": "2026-01-27T23:00:00.000+00:00",
      "title": "CVE-2025-33219"
    },
    {
      "cve": "CVE-2025-33220",
      "product_status": {
        "known_affected": [
          "T032784",
          "T050372",
          "T048897",
          "T049788"
        ]
      },
      "release_date": "2026-01-27T23:00:00.000+00:00",
      "title": "CVE-2025-33220"
    },
    {
      "cve": "CVE-2025-33237",
      "product_status": {
        "known_affected": [
          "T032784",
          "T050372",
          "T048897",
          "T049788"
        ]
      },
      "release_date": "2026-01-27T23:00:00.000+00:00",
      "title": "CVE-2025-33237"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-33237 (GCVE-0-2025-33237)

BDU:2026-01838

FKIE_CVE-2025-33237

GHSA-67QQ-RJ26-WJ76

WID-SEC-W-2026-0235

Tags

Sightings

Nomenclature