PT-2026-54609 · Nvidia · Connect+1

Published

2026-07-01

·

Updated

2026-07-02

·

CVE-2025-23351

CVSS v3.1

9.0

Critical

VectorAV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions NVIDIA ConnectX (affected versions not specified) NVIDIA BlueField (affected versions not specified)
Description A flaw exists in the command interface that allows a local user with virtual function (VF) access to trigger a write out of bounds by providing crafted input. This condition can lead to arbitrary code execution on the device.
Recommendations Apply the latest security patches for NVIDIA ConnectX. Apply the latest security patches for NVIDIA BlueField.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2025-23351

Affected Products

Bluefield
Connect