CVE-2023-0201

CWE-118CWE-787Out-of-bounds Write4 documents4 sources
Severity
6.7MEDIUM
EPSS
0.0%
top 87.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia BMCNvidia Nvidia DGX Servers
Timeline
PublishedApr 22
Latest updateJan 16

Description

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

NVDnvidia/bmc< 1.08.00
CVEListV5nvidia/nvidia_dgx_serversAll BMC versions prior to 1.08.00

🔴Vulnerability Details

3
OSV
zookeeper vulnerabilities2024-01-16
CVEList
CVE-2023-0201: NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, wh2023-04-22
GHSA
GHSA-vgw2-6rfv-rmx5: NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, wh2023-04-22
CVE-2023-0201 (MEDIUM CVSS 6.7) | NVIDIA DGX-2 SBIOS contains a vulne | cvebase.io