Skip to main content

Dgx A100 Firmware

19 CVEs product

Monthly

CVE-2023-31035 HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Nvidia RCE Denial Of Service Dgx A100 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-31034 MEDIUM This Month

NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. Rated medium severity (CVSS 6.6). No vendor patch available.

Integer Overflow Nvidia Denial Of Service Information Disclosure Dgx A100 Firmware
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2023-31033 MEDIUM This Month

NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Information Disclosure Nvidia RCE +1
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2023-31032 HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. Rated high severity (CVSS 7.5). No vendor patch available.

Nvidia Denial Of Service Dgx A100 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-31031 MEDIUM This Month

NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow Information Disclosure Nvidia +2
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2023-31030 CRITICAL Act Now

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Information Disclosure Nvidia +2
NVD
CVSS 3.1
9.3
EPSS
0.2%
CVE-2023-31029 CRITICAL Act Now

NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Information Disclosure Nvidia +2
NVD
CVSS 3.1
9.3
EPSS
0.2%
CVE-2023-31025 MEDIUM This Month

NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nvidia Code Injection LDAP Dgx A100 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-31024 CRITICAL Act Now

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Information Disclosure Nvidia +2
NVD
CVSS 3.1
9.0
EPSS
0.4%
CVE-2023-25522 HIGH This Week

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Information Disclosure Denial Of Service Dgx A100 Firmware Dgx A800 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-25521 HIGH This Week

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Denial Of Service Nvidia Dgx A100 Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-0206 HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Buffer Overflow Information Disclosure Denial Of Service Dgx A100 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-0202 HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Buffer Overflow Information Disclosure Denial Of Service Dgx A100 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-31603 MEDIUM This Month

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Nvidia Information Disclosure Dgx A100 Firmware
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-31602 MEDIUM This Month

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Nvidia Information Disclosure +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-31601 MEDIUM This Month

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Nvidia Information Disclosure +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-31600 HIGH This Week

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Integer Overflow Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2022-31599 HIGH This Week

NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which may lead to code execution, escalation. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Nvidia Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2022-28200 HIGH This Week

NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution,. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Nvidia Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
8.2
EPSS
0.2%
EPSS 0% CVSS 7.5
HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Nvidia RCE +2
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. Rated medium severity (CVSS 6.6). No vendor patch available.

Integer Overflow Nvidia Denial Of Service +2
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Information Disclosure +3
NVD
EPSS 0% CVSS 7.5
HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. Rated high severity (CVSS 7.5). No vendor patch available.

Nvidia Denial Of Service Dgx A100 Firmware
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow +4
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nvidia Code Injection +2
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Information Disclosure Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Denial Of Service +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Nvidia +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +4
NVD
EPSS 0% CVSS 8.2
HIGH This Week

NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Integer Overflow +3
NVD
EPSS 0% CVSS 8.2
HIGH This Week

NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which may lead to code execution, escalation. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption RCE Nvidia +3
NVD
EPSS 0% CVSS 8.2
HIGH This Week

NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution,. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Nvidia +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy