Vulnerabilities > CVE-2022-42285 - Unspecified vulnerability in Nvidia Sbios

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
nvidia
NVD
Published: 2023-01-13
Updated: 2023-01-24

Summary

DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering.

Vulnerable Configurations

Part Description Count
OS
Nvidia
1
Hardware
Nvidia
1

References