Unrated severityNVD Advisory· Published Apr 22, 2023· Updated Feb 4, 2025

CVE-2023-25508

Description

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.

Affected products

Nvidia/DGX-1 BMCllm-create
NVIDIA/NVIDIA DGX serversv5
Range: All BMC versions prior to 3.39.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

nvidia.custhelp.com/app/answers/detail/a_id/5458mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000