Lucene search
NvidiaCVELIST:CVE-2022-42275HistoryJan 13, 2023 - 12:03 a.m.
CVE-2022-42275
2023-01-1300:03:01
CWE-288
nvidia
www.cve.org
4
nvidia
bmc
ipmi
unauthenticated
write
bypass
secureboot
integrity
denial of service
CVSS3
7.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0
Percentile
12.6%
NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "NVIDIA DGX servers",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All BMC firmware versions prior to 00.19.07"
}
]
}
]Related
prion
prion
Code injection
2023-01-13 01:15:00
nvd
nvd
CVE-2022-42275
2023-01-13 01:15:09
cve
cve
CVE-2022-42275
2023-01-13 01:15:09
nvidia
nvidia
NVIDIA DGX A100 Server and DGX Station A100 - December 2022
2022-12-19 00:00:00
CVSS3
7.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0
Percentile
12.6%
Related for CVELIST:CVE-2022-42275