CVE-2023-25530: Input Validation
First published: Wed Sep 20 2023(Updated: )
NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Dgx H100 Firmware | <23.08.18 | |
| NVIDIA DGX H100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this NVIDIA DGX H100 BMC vulnerability?
The vulnerability ID is CVE-2023-25530.
What is the severity level of CVE-2023-25530?
The severity level of CVE-2023-25530 is critical.
What is the affected software for CVE-2023-25530?
The affected software for CVE-2023-25530 is NVIDIA DGX H100 BMC firmware version up to and including 23.08.18.
What are the potential impacts of CVE-2023-25530?
The potential impacts of CVE-2023-25530 include code execution, denial of service, escalation of privileges, and information disclosure.
Where can I find more information about CVE-2023-25530?
You can find more information about CVE-2023-25530 at the following link: https://nvidia.custhelp.com/app/answers/detail/a_id/5473
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia dgx h100 firmware
- canonical/nvidia dgx h100