Multiple vulnerabilities in NVIDIA DGX Station A100 and DGX Station A800
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 18 |
| CVE-ID | CVE-2022-42279 CVE-2022-42288 CVE-2022-42287 CVE-2022-42284 CVE-2022-42283 CVE-2022-42282 CVE-2022-42280 CVE-2022-42290 CVE-2022-42289 CVE-2023-25521 CVE-2022-42275 CVE-2022-42274 CVE-2022-42273 CVE-2022-42272 CVE-2022-42271 CVE-2023-31031 CVE-2023-31034 CVE-2023-31032 |
| CWE-ID | CWE-78 CWE-209 CWE-22 CWE-312 CWE-119 CWE-250 CWE-122 CWE-190 CWE-627 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
DGX Station A100 Hardware solutions / Firmware DGX Station A800 Hardware solutions / Firmware Baseboard Management Controller (BMC) Hardware solutions / Firmware NVIDIA SBIOS Operating systems & Components / Operating system |
| Vendor | nVidia |
Security Bulletin
This security bulletin contains information about 18 vulnerabilities.
1) OS Command Injection
EUVDB-ID: #VU86298
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42279
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the SPX REST API. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information Exposure Through an Error Message
EUVDB-ID: #VU86308
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42288
CWE-ID:
CWE-209 - Information Exposure Through an Error Message
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application in the IPMI handler. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Path traversal
EUVDB-ID: #VU86307
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42287
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the IPMI handler. A local administrator can send a specially crafted HTTP request and read arbitrary files on the system, leading to privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cleartext storage of sensitive information
EUVDB-ID: #VU86306
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42284
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to cleartext storage of sensitive information. A local attacker can obtain user credentials.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU86305
Risk: Low
CVSSv3.1: 5.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42283
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the IPMI handler. A local administrator can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Path traversal
EUVDB-ID: #VU86303
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42282
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the SPX REST API. A remote user can send a specially crafted HTTP request and read arbitrary files on the system, leading to privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Path traversal
EUVDB-ID: #VU86301
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42280
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the SPX REST authorization handler. A local user can send a specially crafted HTTP request and read arbitrary files on the system, leading to privilege escalation.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) OS Command Injection
EUVDB-ID: #VU86300
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42290
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the SPX REST API. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) OS Command Injection
EUVDB-ID: #VU86299
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42289
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the SPX REST API. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Execution with unnecessary privileges
EUVDB-ID: #VU77919
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25521
CWE-ID:
CWE-250 - Execution with Unnecessary Privileges
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper validation of an input parameter in SBIOS. A local administrator can run the affected binary and execute arbitrary code on the system with root privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A800: All versions
DGX Station A100: All versions
NVIDIA SBIOS: before 10.20
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Buffer overflow
EUVDB-ID: #VU86297
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42275
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to a boundary error in the IPMI handler. A local attacker can trigger memory corruption and cause a loss of integrity or denial of service (DoS) condition.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Buffer overflow
EUVDB-ID: #VU86296
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42274
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the IPMI handler. A local user can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Buffer overflow
EUVDB-ID: #VU86293
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42273
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in libwebsocket. A remote user can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Buffer overflow
EUVDB-ID: #VU86291
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42272
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the IPMI handler. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Buffer overflow
EUVDB-ID: #VU86289
Risk: Low
CVSSv3.1: 7.3 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42271
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the Intelligent Platform Management Interface (IPMI) handler. A local attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
Baseboard Management Controller (BMC): before 2.09.00
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Heap-based buffer overflow
EUVDB-ID: #VU86288
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-31031
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A local administrator can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
NVIDIA SBIOS: before 10.20
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Integer overflow
EUVDB-ID: #VU86286
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-31034
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to integer overflow. A local user can pass specially crafted data to the application, trigger integer overflow and cause a denial of service, information disclosure and data tampering.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
NVIDIA SBIOS: before 10.20
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Dynamic Variable Evaluation
EUVDB-ID: #VU86285
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-31032
CWE-ID:
CWE-627 - Dynamic Variable Evaluation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a dynamic variable evaluation. A local administrator can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsDGX Station A100: All versions
DGX Station A800: All versions
NVIDIA SBIOS: before 10.20
External linkshttp://nvidia.custhelp.com/app/answers/detail/a_id/5513
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
