Vulnerabilities > Nvidia > DGX H100 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-20 CVE-2023-31009 Improper Input Validation vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation.
network
low complexity
nvidia CWE-20
critical
 9.8
9.8
2023-09-20 CVE-2023-25534 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
 9.8
9.8
2023-09-20 CVE-2023-25533 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
 9.8
9.8
2023-09-20 CVE-2023-25531 Insufficiently Protected Credentials vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials.
network
low complexity
nvidia CWE-522
critical
 9.8
9.8
2023-09-20 CVE-2023-25530 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
 9.8
9.8
2023-09-20 CVE-2023-25528 Out-of-bounds Write vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
 9.8
9.8