Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-25506


NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.


Published

2023-04-22T03:15:10.107

Last Modified

2024-11-21T07:49:37.973

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-788
  • Type: Primary
    CWE-787

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System nvidia sbios < 52w_3a13 Yes
Hardware nvidia dgx-1 - No

References