Severity
High
Analysis Summary
NVIDIA has released an urgent security update for its DGX Spark AI workstation after uncovering 14 firmware vulnerabilities that put the platform at significant risk. These flaws affect critical components of the DGX Spark GB10 system, including SROOT, OSROOT, and hardware resource controls, allowing attackers to interfere with low-level system functions. The most severe vulnerability, CVE-2025-33187, is rated high under CVSS and impacts all DGX Spark devices running firmware versions prior to the new OTA0 update. Collectively, these issues expose the AI workstation to high-impact threats involving code execution, unauthorized system access, and denial-of-service attacks.
NVIDIA’s Offensive Security Research team identified these weaknesses, warning that attackers, particularly those with local or privileged access, could bypass firmware safeguards, manipulate protected system-on-chip (SoC) regions, and modify hardware controls. The vulnerabilities span multiple categories, including CWE-269 (privilege issues), CWE-787 (out-of-bounds write), CWE-20 (input validation errors), and several others. Depending on the vulnerability, attackers could achieve code execution, information disclosure, data tampering, system manipulation, denial of service, or, in severe cases, privilege escalation.
A detailed breakdown shows CVSS scores ranging from the critical CVE-2025-33187 down to 2.3, highlighting the broad attack surface. Some flaws allow direct code execution or access to protected memory regions, while others enable data leakage or system disruption. Although most vulnerabilities require local access, NVIDIA cautions that certain flaws can be triggered without full privileges, increasing their potential impact. Given that DGX Spark workstations are widely used for AI and machine-learning workloads, exploitation could result in the theft or compromise of sensitive AI models, datasets, and training pipelines.
NVIDIA strongly urges all organizations and users to immediately install the latest DGX OS version (OTA0), which patches all 14 CVEs at once. Customers should download the update from the official NVIDIA DGX website and subscribe to NVIDIA’s Product Security alerts for ongoing updates. With the increasing reliance on high-performance AI systems, timely patching is crucial to maintaining system integrity and preventing breaches, service disruption, or unauthorized access to valuable AI assets.
Impact
- Gain Access
- Code Execution
- Data Theft
- Denial-of-Service
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2025-33187
- CVE-2025-33188
- CVE-2025-33189
- CVE-2025-33190
- CVE-2025-33191
- CVE-2025-33192
- CVE-2025-33193
- CVE-2025-33194
- CVE-2025-33195
- CVE-2025-33196
- CVE-2025-33197
- CVE-2025-33198
- CVE-2025-33199
- CVE-2025-33200
Affected Vendors
- NVIDIA
Remediation
- Immediately install the latest DGX OS OTA0 update, which patches all 14 vulnerabilities.
- Verify firmware versions on all DGX Spark devices and ensure none are running versions prior to OTA0.
- Restrict local and privileged access to the DGX Spark workstation to minimize exploitation risk.
- Implement strict access controls for administrators and privileged users to prevent unauthorized modifications.
- Enable secure boot and firmware integrity checks to detect tampering of SROOT, OSROOT, or hardware controls.
- Monitor system logs and hardware access events for abnormal activity or unauthorized access attempts.
- Segment DGX Spark systems from general networks to limit lateral movement in case of compromise.
- Regularly update security policies for AI and ML infrastructure to include firmware-level protection guidelines.
- Subscribe to NVIDIA Product Security bulletins for immediate alerts on future vulnerabilities.
- Report any suspicious activity or potential vulnerabilities to NVIDIA’s Product Security team promptly.
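The firmware integrity check recommended above (detecting tampering of SROOT, OSROOT, or hardware controls) can be operationalized as a manifest comparison: record the SHA-256 digest of every firmware component from a known-good OTA0 image set, then compare what each device reports against that manifest. The script below is an added illustration of that technique, not NVIDIA's tooling or the DGX Spark update mechanism; the component images, hostnames, and manifest are constructed here, and real deployments would feed it the actual component images read from each device.

```python
import hashlib
import hmac

# Constructed sample component images representing a known-good OTA0 set.
# These byte strings are placeholders, NOT real DGX Spark firmware.
GOLDEN_IMAGES = {
    "SROOT": b"constructed-sroot-image-ota0",
    "OSROOT": b"constructed-osroot-image-ota0",
    "HWCTRL": b"constructed-hardware-controls-ota0",
}


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 digest of a component image."""
    return hashlib.sha256(data).hexdigest()


def build_manifest(images: dict[str, bytes]) -> dict[str, str]:
    """Record the expected digest of every component from the known-good set."""
    return {name: sha256_hex(blob) for name, blob in images.items()}


def verify_components(manifest: dict[str, str], observed: dict[str, bytes]) -> list[str]:
    """Compare observed component images against the manifest.

    Returns a list of findings; an empty list means every component matched.
    Missing and unexpected components are reported as well as digest mismatches,
    since a removed or added region is as suspicious as a modified one.
    """
    findings = []
    for name, expected in manifest.items():
        if name not in observed:
            findings.append(f"{name}: missing from device")
            continue
        actual = sha256_hex(observed[name])
        # Constant-time comparison; avoids leaking digest prefixes via timing.
        if not hmac.compare_digest(actual, expected):
            findings.append(f"{name}: digest mismatch (possible tampering)")
    for name in observed:
        if name not in manifest:
            findings.append(f"{name}: component not present in manifest")
    return findings


def audit_fleet(manifest: dict[str, str], fleet: dict[str, dict[str, bytes]]) -> dict[str, list[str]]:
    """Run the integrity check on every device; keys are hostnames, values are findings."""
    return {host: verify_components(manifest, images) for host, images in fleet.items()}


def noncompliant_hosts(report: dict[str, list[str]]) -> list[str]:
    """Hostnames with at least one finding, sorted for stable output."""
    return sorted(host for host, findings in report.items() if findings)


# Constructed fleet: one clean device, one with a modified OSROOT region,
# and one missing the hardware-controls component entirely.
SAMPLE_FLEET = {
    "dgx-spark-01": dict(GOLDEN_IMAGES),
    "dgx-spark-02": {**GOLDEN_IMAGES, "OSROOT": b"constructed-osroot-image-MODIFIED"},
    "dgx-spark-03": {k: v for k, v in GOLDEN_IMAGES.items() if k != "HWCTRL"},
}

if __name__ == "__main__":
    manifest = build_manifest(GOLDEN_IMAGES)
    report = audit_fleet(manifest, SAMPLE_FLEET)
    for host, findings in report.items():
        status = "OK" if not findings else "ALERT"
        print(f"{host}: {status}")
        for line in findings:
            print(f"  - {line}")
```

Run on the constructed fleet, dgx-spark-01 passes, dgx-spark-02 is flagged for an OSROOT digest mismatch, and dgx-spark-03 for a missing HWCTRL component. The manifest itself must come from a trusted source (the vendor's published digests or a copy taken from a freshly updated device before it leaves controlled custody); a manifest generated from a device that may already be compromised proves nothing.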