CVE-2023-25522
published 2023-07-04CVE-2023-25522: NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | dgx_a100_a800 | — | — |
| nvidia | dgx_a100_firmware | < 1.21 | 1.21 |
| nvidia | dgx_a800_firmware | < 1.21 | 1.21 |