CVE-2025-23301_CVE-2025-23301

4.2 / 10

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L

Description

NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the VBIOS could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.

Basic Information

ID CVE-2025-23301

Source nvidia

Published Sep 4, 2025 at 15:45

Affected Product

Vendor NVIDIA

Product HGX, DGX Hopper

Version All versions prior to and including 1.7.1

Affected Versions NVIDIA HGX, DGX Hopper All versions prior to and including 1.7.1
NVIDIA HGX, DGX Blackwell All versions prior to and including 1.2.0

CWE Classification

CWE-1244

References

{
    "lastseen": "",
    "description": "NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the VBIOS could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.",
    "published": "2025-09-04T15:45:00.243Z",
    "modified": "2025-09-04T15:45:00.243Z",
    "type": "cve",
    "title": "CVE-2025-23301",
    "source": "nvidia",
    "references": "https://nvd.nist.gov/vuln/detail/CVE-2025-23301\nhttps://www.cve.org/CVERecord?id=CVE-2025-23301\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5674",
    "id": "CVE-2025-23301",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1244"
    ],
    "cvelist": null,
    "sourceData": "NVIDIA HGX, DGX Hopper All versions prior to and including 1.7.1\nNVIDIA HGX, DGX Blackwell All versions prior to and including 1.2.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.2,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HGX, DGX Hopper",
    "version": "All versions prior to and including 1.7.1",
    "vendor": "NVIDIA",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}