Trend Micro Research discovered a pattern of exposed NVIDIA Riva API endpoints across multiple organizations deploying Riva in cloud environments. These exposed instances were found operating without authentication, potentially leaving them accessible to threat actors. We identified two vulnerabilities (CVE-2025-23242 and CVE-2025-23243) that contributed to these exposures.
https://www.trendmicro.com/en_us/resear ... ities.html