CVE-2023-0201

Summary

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure.

Affected Software

VendorProductVersion RangeStatus
NVIDIANVIDIA DGX serversAll BMC versions prior to 1.08.00affected

Weaknesses

  • CWE-118: CWE-118

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References