Security News > 2020 > October > NVIDIA Patches Critical Bug in High-Performance Servers
NVIDIA released a patch for a critical bug in its high-performance line of DGX servers that could open the door for a remote attacker to take control of and access sensitive data on systems typically operated by governments and Fortune-100 companies.
During the session Gordeychik demonstrated how NVIDIA DGX GPU servers used in machine learning frameworks, data processing pipelines and applications such as medical imaging and face recognition powered CCTV - could be tampered with by an adversary.
As for the actual patches issued by NVIDIA on Wednesday, the most serious is tracked as CVE‑2020‑11483 and is rated critical.
"NVIDIA DGX servers contain a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure," according to the security bulletin.
Vulnerable NVIDIA DGX server models impacted include DGX-1, DGX-2 and DGX A100.
News URL
https://threatpost.com/nvidia-patches-critical-bug-in-hpc/160762/