CVE-2024-0114

Summary

NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the HGX Management Controller (HMC) that may allow a malicious actor with administrative access on the BMC to access the HMC as an administrator. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Affected Software

VendorProductVersion RangeStatus
NVIDIANVIDIA Hopper HGX 8-GPUHGX-22.10-1-rc67 (1.5.0)affected
NVIDIANVIDIA Hopper HGX 8-GPUHGX-22.10-1-rc63 (1.4.0)affected
NVIDIANVIDIA Hopper HGX 8-GPUHGX-22.10-1-rc59 (1.3.2)affected
NVIDIANVIDIA Hopper HGX 8-GPUHGX-22.10-1-rc57 (1.3.0/1.3.1)affected

Weaknesses

  • CWE-1244: CWE-1244

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References