Vulnerabilities > Nvidia > Sbios > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-22 | CVE-2023-0209 | Improper Authentication vulnerability in Nvidia Sbios NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware implant, data tampering, and SecureBoot bypass. | 7.8 |
| 2023-04-22 | CVE-2023-25506 | Out-of-bounds Write vulnerability in Nvidia Sbios NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. | 8.2 |
| 2023-04-22 | CVE-2023-25509 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Sbios NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges. | 7.8 |
| 2023-01-13 | CVE-2022-42286 | Unspecified vulnerability in Nvidia Sbios DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges. | 7.8 |
| 2023-01-13 | CVE-2022-42285 | Unspecified vulnerability in Nvidia Sbios DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering. | 7.8 |