Summary: Nvidia, Zoom, and Zyxel have released critical patches for multiple high-severity vulnerabilities affecting their products, urging users to update immediately. Nvidia’s vulnerabilities could allow for code execution and privilege escalation, while Zoom’s flaw could enable privilege escalation for authenticated attackers. Zyxel addressed an improper privilege management issue that could allow limited users to gain admin rights on certain devices.
Threat Actor: (unknown) | unknown
Victim: (Nvidia, Zoom, Zyxel) | Nvidia, Zoom, Zyxel
Keypoints :
- Nvidia patched three vulnerabilities in Container Toolkit and GPU Operator for Linux, including two high-severity flaws (CVE-2024-0135 and CVE-2024-0136) that could lead to code execution and privilege escalation.
- Zoom addressed a high-severity type confusion issue (CVE-2025-0147) in its Workplace app for Linux, which could allow authenticated attackers to escalate privileges.
- Zyxel fixed an improper privilege management vulnerability (CVE-2024-12398) affecting 23 access point and router models, allowing limited users to gain administrative access.
Source: https://www.securityweek.com/nvidia-zoom-zyxel-patch-high-severity-vulnerabilities/