CVE-2023-25521
published 2023-07-04CVE-2023-25521: NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | dgx_a100_a800 | — | — |
| nvidia | dgx_a100_firmware | < 1.21 | 1.21 |
| nvidia | dgx_a800_firmware | < 1.21 | 1.21 |