CVE-2025-23301 | THREATINT

Description

NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the VBIOS could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.

PUBLISHED Reserved 2025-01-14 | Published 2025-09-04 | Updated 2025-09-04 | Assigner nvidia

MEDIUM: 4.2CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L

Problem types

CWE-1244 Internal Asset Exposed to Unsafe Debug Access Level or State

Product status

Default status

unaffected

All versions prior to and including 1.7.1

affected

Default status

unaffected

All versions prior to and including 1.2.0

affected

References

nvd.nist.gov/vuln/detail/CVE-2025-23301

www.cve.org/CVERecord?id=CVE-2025-23301

nvidia.custhelp.com/app/answers/detail/a_id/5674

cve.org (CVE-2025-23301)

nvd.nist.gov (CVE-2025-23301)

Download JSON