Nvidia Dgx Spark vulnerabilities

CVE-2025-33187 [CRITICAL] CWE-269 CVE-2025-33187: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged acce NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or escalation of privileges.

CVE-2025-33190 [MEDIUM] CWE-787 CVE-2025-33190: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an ou NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or escalation of privileges.

CVE-2025-33189 [HIGH] CWE-787 CVE-2025-33189: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an o NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges.

CVE-2025-33195 [MEDIUM] CWE-119 CVE-2025-33195: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unex NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges.

CVE-2025-33188 [HIGH] CWE-269 CVE-2025-33188: NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service.

CVE-2025-33194 [MEDIUM] CWE-180 CVE-2025-33194: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause impr NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service.

CVE-2025-33192 [MEDIUM] CWE-690 CVE-2025-33192: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an a NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-33193 [MEDIUM] CWE-354 CVE-2025-33193: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause impr NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper validation of integrity. A successful exploit of this vulnerability might lead to information disclosure.

CVE-2025-33191 [MEDIUM] CWE-20 CVE-2025-33191: NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-33196 [MEDIUM] CWE-226 CVE-2025-33196: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a re NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

CVE-2025-33197 [MEDIUM] CWE-476 CVE-2025-33197: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NU NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-33200 [LOW] CWE-226 CVE-2025-33200: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a re NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

CVE-2025-33199 [LOW] CWE-670 CVE-2025-33199: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause inco NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering.

CVE-2025-33198 [LOW] CWE-226 CVE-2025-33198: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a re NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.