CVE-2023-25524 (omniverse_launcher)

NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure.

access access token address authentication browser cve disclosure exploit flow information information disclosure linux may nvidia resources token vulnerability windows workstation