NVIDIA GPU Display Driver Windows Local Unprivileged Info Disclosure
CVE-2025-23288 Published on August 2, 2025

NVIDIA GPU Display Driver for Windows contains a vulnerability  where an attacker may cause an exposure of sensitive system information with local unprivileged system access. A successful exploit of this vulnerability may lead to Information disclosure.

NVD

Vulnerability Analysis

CVE-2025-23288 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
NONE
Availability Impact:
NONE

Weakness Type

Exposure of Sensitive System Information to an Unauthorized Control Sphere

The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.


Products Associated with CVE-2025-23288

Want to know whenever a new CVE is published for NVIDIA Gpu Display Driver? stack.watch will email you.

NVIDIA Gpu Display Driver
 

Affected Versions

NVIDIA GPU Display Drivers Version R535, R570, R575 is affected by CVE-2025-23288

Exploit Probability

EPSS
0.02%
Percentile
3.88%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.