CVE-2023-0201 MEDIUM

CVE-2023-0201

Vendor Nvidia
Product NVIDIA DGX servers
Weakness CWE-118
Published April 22, 2023
Last update February 4, 2025

CVSS base score

6.7/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure.

Key dates

02Disclosure timeline

April 22, 2023 CVE published
February 4, 2025 Record updated