CVE-2023-31032

CWE-627 CWE-9133 documents3 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 89.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia DGX A100 Firmware Nvidia DGX A100

Timeline

PublishedJan 12

Description

NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. A successful exploit of this vulnerability may lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 0.8 | Impact: 6.0

Affected Packages2 packages

▶NVDnvidia/dgx_a100_firmware< 1.25

▶CVEListV5nvidia/dgx_a100All SBOIS versions prior to 1.25

🔴Vulnerability Details

GHSA

GHSA-5q7c-3gj2-48qw: NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access↗2024-01-12

▶

CVEList

CVE↗2024-01-12

▶