Skip to main content

CWE-1234

Hardware Internal or Debug Modes Allow Override of Locks

4 CVEs Avg CVSS 6.5 MITRE
0
CRITICAL
0
HIGH
3
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2025-33242 MEDIUM This Month

This vulnerability in NVIDIA's B300 MCU (specifically the CX8 MCU component) allows privileged attackers with network access to modify unsupported hardware registries, potentially causing denial of service and data tampering. The flaw affects HGX and DGX B300 systems and requires high privileges and non-trivial attack complexity to exploit, though no public exploit code or active exploitation has been reported at this time. SSVC assessment indicates the vulnerability presents partial technical impact with no known automated exploitation capability.

Denial Of Service Nvidia
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-59104 Monitor

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint (or use the 6-Pin tag-connect cable). Thus, the attacker gains access to the bootloader, where the kernel command line can be changed.

Linux
NVD
EPSS
0.0%
CVE-2023-44298 MEDIUM This Month

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Denial Of Service Intel Dell Poweredge R660 Firmware +12
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2023-44297 MEDIUM This Month

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Information Disclosure Intel Dell +13
NVD
CVSS 3.1
6.8
EPSS
0.3%
EPSS 0% CVSS 5.9
MEDIUM This Month

This vulnerability in NVIDIA's B300 MCU (specifically the CX8 MCU component) allows privileged attackers with network access to modify unsupported hardware registries, potentially causing denial of service and data tampering. The flaw affects HGX and DGX B300 systems and requires high privileges and non-trivial attack complexity to exploit, though no public exploit code or active exploitation has been reported at this time. SSVC assessment indicates the vulnerability presents partial technical impact with no known automated exploitation capability.

Denial Of Service Nvidia
NVD VulDB
EPSS 0%
Monitor

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint (or use the 6-Pin tag-connect cable). Thus, the attacker gains access to the bootloader, where the kernel command line can be changed.

Linux
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Denial Of Service Intel +14
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Information Disclosure +15
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy