Unrated severityNVD Advisory· Published Apr 22, 2023· Updated Feb 4, 2025

CVE-2023-25507

Description

NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, and data tampering.

Affected products

Nvidia/DGX-1 BMCllm-fuzzy
NVIDIA/NVIDIA DGX serversv5
Range: All BMC versions prior to 3.39.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

nvidia.custhelp.com/app/answers/detail/a_id/5458mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000