CVE-2025-33188

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 89.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia DGX Spark
Timeline
PublishedNov 25

Description

NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:HExploitability: 2.5 | Impact: 5.5

Affected Packages1 packages

CVEListV5nvidia/dgx_sparkAll versions prior to OTA0

🔴Vulnerability Details

2
GHSA
GHSA-992r-5c54-mgmg: NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls2025-11-25
CVEList
CVE-2025-33188: NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls2025-11-25
CVE-2025-33188 (HIGH CVSS 7.8) | NVIDIA DGX Spark GB10 contains a vu | cvebase.io