CVE-2023-0200

Summary

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure.

Affected Software

VendorProductVersion RangeStatus
NVIDIANVIDIA DGX serversAll BMC versions prior to 1.08.00affected

Weaknesses

  • CWE-788: CWE-788

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References