CVE-2023-25506
HIGHNVIDIA DGX-1 SBIOS < 52w_3a13 - Out-of-bounds Write in Ofbd
Title source: llmDescription
NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.
References (1)
Core 1
Core References
Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5458
Scores
CVSS v3
7.5
EPSS
0.0018
EPSS Percentile
7.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-787
CWE-788
Status
published
Products (1)
nvidia/sbios
< 52w_3a13
Published
Apr 22, 2023
Tracked Since
Feb 18, 2026