Dgx A100 Firmware Security Vulnerabilities and Issues — Dgx A100 Firmware CVE List

Lucene search

NvidiaDgx A100 Firmware

9 matches found

CVE•added 2023/07/04 12:15 a.m.•53 views

CVE-2023-25521

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information disclos...

7.8CVSS8.1AI score0.00021EPSS

CVE•added 2024/01/12 7:15 p.m.•46 views

CVE-2023-31035

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information ...

7.8CVSS8.6AI score0.00034EPSS

CVE•added 2023/04/22 3:15 a.m.•44 views

CVE-2023-0206

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure.

7.8CVSS7.6AI score0.00033EPSS

CVE•added 2023/07/04 12:15 a.m.•39 views

CVE-2023-25522

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.

7.8CVSS8AI score0.00029EPSS

CVE•added 2023/04/22 3:15 a.m.•37 views

CVE-2023-0202

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure.

7.8CVSS7.6AI score0.00033EPSS

CVE•added 2024/01/12 7:15 p.m.•37 views

CVE-2023-31032

NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. A successful exploit of this vulnerability may lead to denial of service.

7.5CVSS6.5AI score0.00037EPSS

CVE•added 2024/01/12 7:15 p.m.•34 views

CVE-2023-31025

NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. A successful exploit of this vulnerability may lead to information disclosure.

7.5CVSS7.8AI score0.002EPSS

CVE•added 2024/01/12 7:15 p.m.•33 views

CVE-2023-31031

NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering.

7.8CVSS8.2AI score0.00034EPSS

CVE•added 2024/01/12 7:15 p.m.•27 views

CVE-2023-31034

NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.

7.8CVSS7.9AI score0.00009EPSS