Every CVE whose affected-product data names Nvidia Sbios, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-0209 — CVSS 8.2 (high): NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which…
CVE-2023-0207 — CVSS 7.5 (high): NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged…
CVE-2023-25506 — CVSS 7.5 (high): NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause…
CVE-2022-42285 — CVSS 6.0 (medium): DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection…
CVE-2022-42286 — CVSS 6.0 (medium): DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges.
CVE-2023-25509 — CVSS 6.0 (medium): NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges.