Multiple vulnerabilities in NVIDIA DGX H100
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 15 |
| CVE-ID | CVE-2023-31015 CVE-2023-25528 CVE-2023-25533 CVE-2023-31009 CVE-2023-25529 CVE-2023-25530 CVE-2023-25527 CVE-2023-25531 CVE-2023-31008 CVE-2023-31010 CVE-2023-25532 CVE-2023-31012 CVE-2023-31013 CVE-2023-25534 CVE-2023-31011 |
| CWE-ID | CWE-287 CWE-121 CWE-20 CWE-208 CWE-119 CWE-522 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
DGX H100 BMC Hardware solutions / Drivers |
| Vendor | nVidia |
Security Bulletin
This security bulletin contains information about 15 vulnerabilities.
1) Improper Authentication
EUVDB-ID: #VU80055
Risk: Low
CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31015
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests in the REST service. A local user can bypass authentication process and gain unauthorized access to the application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stack-based buffer overflow
EUVDB-ID: #VU80056
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25528
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in a web server plugin. A remote attacker on the local network can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU80057
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-25533
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the web UI. A remote administrator on the local network can pass specially crafted input to the application and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU80058
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-31009
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the REST service. A remote attacker on the local network can pass specially crafted input to the application and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information Exposure Through Timing Discrepancy
EUVDB-ID: #VU80062
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25529
CWE-ID:
CWE-208 - Information Exposure Through Timing Discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the an exploitable timing discrepancy issue in the host KVM daemon. A remote attacker on the local network can disclose sensitive information on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU80065
Risk: Medium
CVSSv4.0: 6.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25530
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the KVM service. A remote user on the local network can pass specially crafted input to the application and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU80066
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-25527
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the host KVM daemon. A local user can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Insufficiently protected credentials
EUVDB-ID: #VU80067
Risk: Medium
CVSSv4.0: 2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25531
CWE-ID:
CWE-522 - Insufficiently Protected Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficiently protected credentials in IPMI. A remote user on the local network can execute arbitrary code the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Input validation error
EUVDB-ID: #VU80068
Risk: Low
CVSSv4.0: 4.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31008
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in IPMI. A local user can pass specially crafted input to the application and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU80070
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31010
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in IPMI. A remote administrator on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Insufficiently protected credentials
EUVDB-ID: #VU80077
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-25532
CWE-ID:
CWE-522 - Insufficiently Protected Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficiently protected credentials in IPMI. A remote attacker on the local network can gain access to sensitive information on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Input validation error
EUVDB-ID: #VU80078
Risk: Low
CVSSv4.0: 5.8 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31012
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the REST service. A remote administrator on the local network can pass specially crafted input to the application and gain elevated privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Input validation error
EUVDB-ID: #VU80079
Risk: Low
CVSSv4.0: 5.8 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31013
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the REST service. A remote administrator on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Input validation error
EUVDB-ID: #VU80085
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-25534
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input in IPMI. A remote administrator on the local network can pass specially crafted input to the application and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Input validation error
EUVDB-ID: #VU80086
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31011
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the REST service. A remote administrator on the local network can pass specially crafted input to the application and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX H100 BMC: before 23.08.18
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5473
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
