PT-2023-20141 · Nvidia · Nvidia Dgx H100 Bmc

Published

2023-09-19

Updated

2023-09-22

CVE-2023-25530

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NVIDIA DGX H100 BMC (affected versions not specified)

Description The issue is related to improper input validation in the KVM service of the NVIDIA DGX H100 BMC. This can lead to code execution, denial of service, escalation of privileges, and information disclosure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2023-25530

Affected Products

Nvidia Dgx H100 Bmc

PT-2023-20141 · Nvidia · Nvidia Dgx H100 Bmc

CVE-2023-25530

Weakness Enumeration

Related Identifiers

Affected Products

References · 8