Vulnerability Details CVE-2020-11486
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2020-11486
-
cpe:2.3:h:nvidia:dgx-1:-
-
cpe:2.3:o:intel:bmc_firmware:-
-
cpe:2.3:o:intel:bmc_firmware:1.06.06
-
cpe:2.3:o:intel:bmc_firmware:2.47