Risk | High |
Patch available | YES |
Number of vulnerabilities | 9 |
CVE-ID | CVE-2020-11487 CVE-2020-11483 CVE-2020-11484 CVE-2020-11485 CVE-2020-11486 CVE-2020-11488 CVE-2020-11489 CVE-2020-11615 CVE-2020-11616 |
CWE-ID | CWE-321 CWE-798 CWE-200 CWE-352 CWE-434 CWE-254 CWE-310 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
AMI Baseboard Management Controller Hardware solutions / Firmware DGX-1 Hardware solutions / Firmware DGX-2 Hardware solutions / Firmware DGX A100 Servers Hardware solutions / Firmware |
Vendor | nVidia |
Security Bulletin
This security bulletin contains information about 9 vulnerabilities.
EUVDB-ID: #VU47999
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11487
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to usage of a hard-coded RSA 1024 key with weak ciphers in the AMI BMC firmware. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAMI Baseboard Management Controller: before 3.38.30
DGX-1: All versions
DGX-2: All versions
DGX A100 Servers: All versions
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48005
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11483
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in application code in the AMI BMC firmware. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX-1: All versions
DGX-2: All versions
AMI Baseboard Management Controller: before 3.38.30
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48004
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11484
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A local administrator can obtain the hash of the BMC/IPMI user password.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX-1: All versions
AMI Baseboard Management Controller: before 3.38.30
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48003
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11485
CWE-ID:
CWE-352 - Cross-Site Request Forgery (CSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsDGX-1: All versions
AMI Baseboard Management Controller: before 3.38.30
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48002
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11486
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload. A remote attacker can upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX-1: All versions
AMI Baseboard Management Controller: before 3.38.30
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48001
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11488
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to the affected software does not validate the RSA 1024 public key used to verify the firmware signature. A local administrator can cause information disclosure or arbitrary code execution.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX-1: All versions
DGX-2: All versions
AMI Baseboard Management Controller: before 3.38.30
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48000
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11489
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to default SNMP community strings are used in the AMI BMC firmware. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX-1: All versions
DGX-2: All versions
AMI Baseboard Management Controller: before 3.38.30
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48006
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11615
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to usage of a hard-coded RC4 cipher key in the AMI BMC firmware. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX-1: All versions
AMI Baseboard Management Controller: before 3.38.30
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48007
Risk: Low
CVSSv3.1: 2.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11616
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX-1: All versions
AMI Baseboard Management Controller: before 3.38.30
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.