High severity8.2NVD Advisory· Published Apr 22, 2023· Updated Jun 17, 2026
CVE-2023-0209
CVE-2023-0209
Description
NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware implant, data tampering, and SecureBoot bypass.
Affected products
2- Range: All SBIOS prior to S2W_3A13
Patches
Vulnerability mechanics
References
1- nvidia.custhelp.com/app/answers/detail/a_id/5458nvdVendor Advisory
News mentions
0No linked articles in our index yet.