CVE-2023-31030

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 12, 2024

Updated: Jan 18, 2024

CWE ID 787

CWE ID 121

Summary

CVE-2023-31030 is a newly disclosed vulnerability affecting the NVIDIA DGX A100 BMC. The issue lies within the host KVM daemon, which can be exploited by unauthenticated attackers via a specially crafted network packet. Successful exploitation of this stack overflow vulnerability may result in arbitrary code execution, denial of service, information disclosure, or data tampering. This poses a significant risk to organizations utilizing NVIDIA DGX A100 systems and highlights the importance of prompt patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

NVIDIA

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uG1uR1
https://www.cve.org/CVERecord?id=CVE-2023-31030
https://nvd.nist.gov/vuln/detail/CVE-2023-31030

Back to Vulnerability Database

CVE-2023-31030

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations