CVE-2023-0205 MEDIUM

CVE-2023-0205

Vendor Nvidia
Product NVIDIA ConnectX Firmware
Weakness CWE-1220
Published April 22, 2023
Last update February 4, 2025

CVSS base score

5.0/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

What the vulnerability does

01Description

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service.

Key dates

02Disclosure timeline

April 22, 2023 CVE published
February 4, 2025 Record updated