Primary

Context

NVIDIA NvContainer Service OpenSSL Vulnerability Allowing Code Execution and Privilege Escalation

Vulnerability

Patched

A vulnerability exists in the NVIDIA NvContainer service for Windows due to improper handling of OpenSSL. An attacker could exploit this by placing a malicious DLL in a predetermined location. Successful exploitation could result in unauthorized code execution, denial of service, elevated privileges, unauthorized information access, or data manipulation.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution, denial of service, privilege escalation, information disclosure, or data tampering.

Remediation

Users are advised to update to version 11.0.2.337 (prod2 hotfix) of the NVIDIA App. Earlier versions are also affected.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

3.1

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

3.1

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA NvContainer Service OpenSSL Vulnerability Allowing Code Execution and Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

NVIDIA App

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating