Lucene search
HistoryApr 22, 2023 - 3:15 a.m.
CVE-2023-25509
nvidia
dgx-1
sbios
vulnerability
cve-2023-25509
code execution
denial of service
escalation of privileges
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges.
Affected configurations
Node
nvidiasbiosRange<52w_3a13
nvidiadgx-1Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| nvidia:sbios | nvidia sbios | lt | 52w_3a13 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "NVIDIA DGX servers",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All SBIOS prior to S2W_3A13"
}
]
}
]Related
cvelist
cvelist
CVE-2023-25509
2023-04-22 02:32:42
prion
prion
Design/Logic Flaw
2023-04-22 03:15:00
nvd
nvd
CVE-2023-25509
2023-04-22 03:15:10
nvidia
nvidia
Security Bulletin: NVIDIA DGX-1 - April 2023
2023-04-19 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2023-25509