Lucene search
NvidiaCVE-2023-31032HistoryJan 12, 2024 - 7:15 p.m.
CVE-2023-31032
2024-01-1219:15:10
CWE-913
CWE-627
nvidia
web.nvd.nist.gov
16
nvidia
dgx a100
sbios
vulnerability
local access
denial of service
cve-2023-31032
CVSS3
7.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
6.5
Confidence
High
EPSS
0
Percentile
9.0%
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. A successful exploit of this vulnerability may lead to denial of service.
Affected configurations
Node
nvidiadgx_a100Match-
nvidiadgx_a100_firmwareRange<1.25sbios
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nvidia | dgx_a100 | - | cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:* |
| nvidia | dgx_a100_firmware | * | cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:sbios:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "DGX A100",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All SBOIS versions prior to 1.25"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2024-01-12 19:15:00
cvelist
cvelist
CVE-2023-31032 CVE
2024-01-12 18:31:36
nvd
nvd
CVE-2023-31032
2024-01-12 19:15:10
nvidia
nvidia
Security Bulletin: NVIDIA DGX A100 - January 2024
2024-01-11 00:00:00
CVSS3
7.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
6.5
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2023-31032