CVE-2025-33179

HIGH

NVIDIA Cumulus Linux/NVOS - Privilege Escalation

Title source: llm

Description

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might lead to escalation of privileges.

References (3)

[Various Sources] https://nvd.nist.gov/vuln/detail/CVE-2025-33179

[Vendor Advisory] https://nvidia.custhelp.com/app/answers/detail/a_id/5722

[Various Sources] https://www.cve.org/CVERecord?id=CVE-2025-33179

Scores

CVSS v3 8.0

EPSS 0.0013

EPSS Percentile 31.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-266

Status published

Products (3)

nvidia/cumulus_linux < 5.14.0

nvidia/cumulus_linux 5.9.0 - 5.9.4

nvidia/nvos < 25.02.2452

Published Feb 24, 2026

Tracked Since Feb 25, 2026