InfoSecBulletin Cybersecurity for mankind
NVIDIA has released a software update for Riva to fix security vulnerabilities that could allow privilege escalation, data tampering, denial of service, or information disclosure.
NVIDIA Riva is a suite of GPU-accelerated microservices for multilingual speech and translation, designed for creating customizable, real-time conversational AI systems. It features automatic speech recognition (ASR), text-to-speech (TTS), and neural machine translation (NMT) and can be used in various settings like cloud, data centers, edge, and embedded devices. Riva allows organizations to add speech and translation functions to large language models (LLMs) and retrieval-augmented generation (RAG), improving chatbots into multilingual assistants and avatars.
AWS SNS misused for Data Exfiltration and Phishing
Researcher found non protected database form ESHYFT containig 86000 records
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws
CVE-2025-20138
Cisco released High Security Alert for IOS XR Software
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
The security update addresses improper access control issues. Details on the vulnerabilities and their impacts are provided below:
CVE-2025-23242: NVIDIA Riva has a vulnerability that allows improper access control, potentially leading to privilege escalation, data tampering, denial of service, or information disclosure. It has a severity rating of High, with a base score of 7.3.
CVE-2025-23243: NVIDIA Riva has a vulnerability that allows improper access control, potentially leading to data tampering or denial of service. It has a base score of 6.5 and is classified as High severity.
The affected product, its versions, and the updated version are:
NVIDIA advises users to upgrade from earlier versions of Riva to the latest release.
NVIDIA thanks David Fiser and Alfredo Oliveira from Trend Micro’s Nebula team for reporting these issues.
