CVE-2025-33230 is an OS command injection vulnerability classified under CWE-78 found in the NVIDIA CUDA Toolkit, specifically within the Nsight Systems installer for Linux (.run installer). The vulnerability arises due to improper neutralization of special elements in the installation path input, allowing an attacker to inject malicious OS commands. When a user runs the installer and provides a crafted installation path containing malicious strings, these commands can be executed with the privileges of the installer process. The vulnerability affects all versions prior to CUDA Toolkit 13.1. The CVSS v3.1 score is 7.3 (high), with vector AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H, indicating local attack vector, low attack complexity, requiring limited privileges and user interaction, with high impact on confidentiality, integrity, and availability. Exploitation could lead to escalation of privileges, arbitrary code execution, data tampering, denial of service, and information disclosure. No public exploits are known yet, but the risk is significant given the widespread use of CUDA in AI, HPC, and scientific computing environments. The vulnerability is particularly critical in multi-user Linux environments where CUDA is installed, as attackers with limited access could leverage this flaw to gain higher privileges or disrupt systems.

For European organizations, the impact of CVE-2025-33230 can be substantial, especially in sectors relying heavily on NVIDIA CUDA Toolkit for AI research, scientific computing, and high-performance computing clusters. Successful exploitation could allow attackers to escalate privileges from a limited user account to higher system privileges, enabling unauthorized code execution and potential full system compromise. This could lead to data tampering, theft of sensitive intellectual property, disruption of critical computational workloads, and denial of service. Organizations running multi-user Linux environments with CUDA installations are at higher risk. The confidentiality, integrity, and availability of systems and data could be severely affected, impacting research outputs, commercial AI development, and critical infrastructure relying on GPU-accelerated computing.

European organizations should immediately verify if their systems run affected versions of the NVIDIA CUDA Toolkit on Linux. The primary mitigation is to upgrade to CUDA Toolkit version 13.1 or later, where this vulnerability has been addressed. Until patching is possible, restrict access to systems where the CUDA installer might be run, especially limiting local user permissions to trusted personnel only. Employ strict input validation and sanitization if custom installation scripts or automation tools are used. Monitor installation activities and system logs for suspicious command execution or privilege escalation attempts. Implement application whitelisting and endpoint detection and response (EDR) solutions to detect anomalous behaviors related to installer execution. Educate system administrators about the risks of running untrusted installers and the importance of verifying installation paths. Finally, maintain regular backups and incident response plans to quickly recover from potential exploitation.