NVIDIA App Flaw Allows Privilege Escalation on Windows

Cyber Security News by CyberSum.net

Published on October 1, 2025 at 06:04 PM

2 sources

NVIDIA has released a security update for its NVIDIA App software on Windows, addressing a high-severity privilege escalation vulnerability. The flaw, tracked as CVE-2025-23297, allows a local unprivileged user to gain elevated system rights. It stems from improper file handling during the installation of the Frameview SDK components. A successful exploit requires no user interaction and could lead to a full compromise of the system's confidentiality, integrity, and availability. Users are strongly advised to update their NVIDIA App to version 11.0.5.245 or later to mitigate the threat.

Also Read

Detour Dog Uses DNS to Deliver Strela Stealer Malware

The cybercrime group Detour Dog has been quietly infecting over 30,000 websites since 2020 using a sophisticated, server-side attack. The group leverages DNS TXT records as a covert channel to send commands to compromised sites, making the malicious activity invisible to most visitors. This technique allows them to selectively redirect users to scams or, more recently, deliver the powerful Strela Stealer infostealer malware. By controlling the attack from the server, the compromised websites can remain infected for long periods without detection. The campaign's vast infrastructure generates millions of DNS queries, with traffic originating from numerous global locations.

By Cyber Security News by CyberSum.netOctober 2, 2025 at 12:00 AM