Vulnerability Details CVE-2023-25521
NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.1%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-25521
-
cpe:2.3:h:nvidia:dgx_a100:-
-
cpe:2.3:h:nvidia:dgx_a800:-
-
cpe:2.3:o:nvidia:dgx_a100_firmware:-
-
cpe:2.3:o:nvidia:dgx_a100_firmware:1.18
-
cpe:2.3:o:nvidia:dgx_a100_firmware:1.8
-
cpe:2.3:o:nvidia:dgx_a800_firmware:-