CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0209
https://notcve.org/view.php?id=CVE-2023-0209
NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware implant, data tampering, and SecureBoot bypass. • https://nvidia.custhelp.com/app/answers/detail/a_id/5458 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0206
https://notcve.org/view.php?id=CVE-2023-0206
A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0202
https://notcve.org/view.php?id=CVE-2023-0202
A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0201
https://notcve.org/view.php?id=CVE-2023-0201
NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-118: Incorrect Access of Indexable Resource ('Range Error') CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0200
https://notcve.org/view.php?id=CVE-2023-0200
NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-787: Out-of-bounds Write CWE-788: Access of Memory Location After End of Buffer •