Vulnerability Details CVE-2023-25522
NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-25522
-
cpe:2.3:h:nvidia:dgx_a100:-
-
cpe:2.3:h:nvidia:dgx_a800:-
-
cpe:2.3:o:nvidia:dgx_a100_firmware:-
-
cpe:2.3:o:nvidia:dgx_a100_firmware:1.18
-
cpe:2.3:o:nvidia:dgx_a100_firmware:1.8
-
cpe:2.3:o:nvidia:dgx_a800_firmware:-