Vulnerabilities > Nvidia > DGX A100 Firmware > 00.19.07
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-12 | CVE-2023-31024 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. | 9.8 |
2024-01-12 | CVE-2023-31025 | Injection vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. | 7.5 |
2024-01-12 | CVE-2023-31029 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. | 9.8 |
2024-01-12 | CVE-2023-31030 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. | 9.8 |
2024-01-12 | CVE-2023-31033 | Missing Authentication for Critical Function vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . | 8.0 |
2022-07-04 | CVE-2022-31600 | Integer Overflow or Wraparound vulnerability in Nvidia DGX A100 Firmware NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and information disclosure. | 8.2 |
2022-07-04 | CVE-2022-31602 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure. | 6.7 |
2022-07-04 | CVE-2022-31603 | Improper Validation of Array Index vulnerability in Nvidia DGX A100 Firmware NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information disclosure. | 6.7 |
2022-07-02 | CVE-2022-28200 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. | 8.2 |