Vulnerabilities > Nvidia > DGX A100 Firmware > 1.18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2023-31031 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. | 7.8 |
| 2024-01-12 | CVE-2023-31032 | Improper Control of Dynamically-Managed Code Resources vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. | 5.5 |
| 2024-01-12 | CVE-2023-31034 | Integer Overflow or Wraparound vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. | 7.8 |
| 2024-01-12 | CVE-2023-31035 | Unspecified vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. | 7.8 |
| 2023-07-04 | CVE-2023-25521 | Improper Privilege Management vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. | 7.8 |
| 2023-07-04 | CVE-2023-25522 | Improper Input Validation vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. | 7.8 |