Vulnerabilities > Nvidia > DGX A100 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-01-12 CVE-2023-31024 Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
 9.8
9.8
2024-01-12 CVE-2023-31025 Injection vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection.
network
low complexity
nvidia CWE-74
7.5
7.5
2024-01-12 CVE-2023-31029 Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
 9.8
9.8
2024-01-12 CVE-2023-31030 Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
 9.8
9.8
2024-01-12 CVE-2023-31031 Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 1.18/1.8
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access.
local
low complexity
nvidia CWE-787
7.8
7.8
2024-01-12 CVE-2023-31032 Improper Control of Dynamically-Managed Code Resources vulnerability in Nvidia DGX A100 Firmware 1.18/1.8
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access.
local
low complexity
nvidia CWE-913
5.5
5.5
2024-01-12 CVE-2023-31033 Missing Authentication for Critical Function vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network .
low complexity
nvidia CWE-306
8.0
8.0
2024-01-12 CVE-2023-31034 Integer Overflow or Wraparound vulnerability in Nvidia DGX A100 Firmware 1.18/1.8
NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow.
local
low complexity
nvidia CWE-190
7.8
7.8
2024-01-12 CVE-2023-31035 Unspecified vulnerability in Nvidia DGX A100 Firmware 1.18/1.8
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level.
local
low complexity
nvidia
7.8
7.8
2023-07-04 CVE-2023-25521 Improper Privilege Management vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware
NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed.
local
low complexity
nvidia CWE-269
7.8
7.8