NVIDIA App for Windows Vulnerability — Why You Should Update Now

There’s a serious vulnerability in the NVIDIA App for Windows that I feel is important to pass along. The flaw is tracked as CVE-2025-23358 and it affects the installer component of the app. Essentially, if someone has even low-privileged local access to a machine with this version of the NVIDIA App, they could exploit the search-path logic to inject malicious code and escalate privileges on the system.

What the issue is

The problem is an uncontrolled search path element (classified under CWE-427) in the NVIDIA App installer. By manipulating how the installer loads modules or executables via its search path, an attacker with local access can trick the system into running malicious code. Exploitation requires local access plus a bit of user interaction, but once successful, the result is full code execution and the ability to elevate privileges.

This vulnerability got a base CVSS v3.1 score of 8.2, which puts it in the “High” severity range. Because of the low complexity of the attack and the way it affects installations that often run with elevated rights, it’s especially risky in shared or enterprise environments.

If you’re running a version of the NVIDIA App for Windows earlier than 11.0.5.260, you are exposed. The installer component remains vulnerable until you apply the patch.

What you should do

I recommend updating immediately to version 11.0.5.260 or later of the NVIDIA App. Make sure you get it from the official NVIDIA site. If you’re managing multiple workstations (especially in a corporate setting), you should check your software inventory to find any systems still running the older version and push the update out quickly.
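For the inventory check, here is an added example (not from NVIDIA or the original post) that reads the standard Windows uninstall registry keys on a workstation and compares the installed version against 11.0.5.260. The `NVIDIA App*` display-name pattern and the function name `Get-NvidiaAppStatus` are assumptions; confirm the exact DisplayName on a known install before relying on it.

```powershell
# Fixed release named in the text above.
$FixedVersion = [version]'11.0.5.260'

# Assumption: the app's uninstall entry has a DisplayName starting with
# "NVIDIA App". Verify this on a machine where the app is installed.
$NamePattern = 'NVIDIA App*'

# Per-machine uninstall keys (64-bit and 32-bit registry views).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-NvidiaAppStatus {
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $NamePattern } |
        ForEach-Object {
            # Compare as [version], not as text: "11.0.10.1" sorts before
            # "11.0.5.260" as a string but is the newer build.
            $parsed = $null
            $ok = [version]::TryParse([string]$_.DisplayVersion, [ref]$parsed)

            if (-not $ok) {
                # Missing or non-numeric DisplayVersion: flag for manual review.
                $status = 'Unknown'
            }
            elseif ($parsed -lt $FixedVersion) {
                $status = 'Vulnerable'
            }
            else {
                $status = 'Patched'
            }

            [pscustomobject]@{
                Computer = $env:COMPUTERNAME
                Name     = $_.DisplayName
                Version  = $_.DisplayVersion
                Status   = $status
            }
        }
}

Get-NvidiaAppStatus | Format-Table -AutoSize
```

An empty result means no matching entry was found under the per-machine keys; treat `Unknown` rows as needing a manual check rather than as patched.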

It’s easy to overlook utilities such as the NVIDIA App as “just extra” software, but installers and their elevated execution context are common targets for attackers. This incident reinforces the importance of keeping all software, especially software that runs with high privileges, up to date and audited.
