Nvidia

Dgx A100 Firmware

28 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-25521

  • EPSS 0.02%
  • Published 04.07.2023 00:15:09
  • Last modified 21.11.2024 07:49:39

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerabi...

7.8

CVE-2023-0206

  • EPSS 0.03%
  • Published 22.04.2023 03:15:09
  • Last modified 21.11.2024 07:36:44

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information ...

7.8

CVE-2023-0202

  • EPSS 0.03%
  • Published 22.04.2023 03:15:09
  • Last modified 21.11.2024 07:36:44

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of p...

8.8

CVE-2022-42290

  • EPSS 0.32%
  • Published 13.01.2023 04:15:08
  • Last modified 21.11.2024 07:24:40

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.

8.8

CVE-2022-42289

  • EPSS 0.34%
  • Published 13.01.2023 04:15:08
  • Last modified 21.11.2024 07:24:40

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.

5.3

CVE-2022-42288

  • EPSS 0.22%
  • Published 13.01.2023 04:15:08
  • Last modified 21.11.2024 07:24:40

NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure.

6.7

CVE-2022-42281

  • EPSS 0.03%
  • Published 13.01.2023 02:15:08
  • Last modified 21.11.2024 07:24:39

NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information discl...

8.8

CVE-2022-42279

  • EPSS 0.43%
  • Published 13.01.2023 02:15:08
  • Last modified 21.11.2024 07:24:39

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.

8.2

CVE-2022-42276

  • EPSS 0.03%
  • Published 13.01.2023 02:15:07
  • Last modified 21.11.2024 07:24:38

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure....

8.8

CVE-2022-42273

  • EPSS 0.35%
  • Published 12.01.2023 23:15:10
  • Last modified 21.11.2024 07:24:38

NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.