securityonline.info 7/1/2026, 5:41:55 PM · external

NVIDIA patches 13 flaws, including local code exec in BlueField

NVIDIA patches 13 flaws, including local code exec in BlueField
CyberSIXT Evidence Panel
Primary Source github.com
CISA KEV Not in KEV
Patch Patch Status Unknown

NVIDIA has issued critical software patches addressing 13 newly disclosed vulnerabilities in its product lines, particularly affecting BlueField, ConnectX, and Megatron Bridge platforms. Some vulnerabilities, such as CVE-2025-23351, could allow local attackers to execute arbitrary code, necessitating immediate security updates to protect enterprise networks. Securing these devices is crucial, as they manage large data traffic and could risk complete device compromise if exploited.

The vulnerabilities carry CVSS scores indicating high severity, underscoring the urgency for administrators to implement the required patches. Currently, no public exploits have been confirmed for these vulnerabilities, and affected products include various generations of BlueField data processing units and ConnectX network adapters.

View Primary Source Via securityonline.info

Article by CyberSIXT