CVE-2023-31035
published 2024-01-12CVE-2023-31035: NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | dgx_a100 | — | — |
| nvidia | dgx_a100_firmware | < 1.25 | 1.25 |