CVE-2023-31035

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 12, 2024
Updated: Jan 19, 2024
CWE ID 20

Summary

CVE-2023-31035 is a vulnerability found in NVIDIA DGX A100 SBIOS, which allows an attacker to exploit an SMI callout vulnerability and execute arbitrary code at the SMM level. This vulnerability has a high severity rating, with a base score of 7.5. The affected products include pqr6nN, pqr6nP, and tzcV6u. The potential dangers of this vulnerability include code execution, denial of service, escalation of privileges, and information disclosure. The exploitability score is 0.8, indicating a high likelihood of exploitation. To remediate this vulnerability, it is recommended to apply the necessary security patches or updates provided by NVIDIA.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-31035 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options