Severity
High
Analysis Summary
CVE-2024-0114 CVSS:8.1
A vulnerability exists in the NVIDIA Hopper HGX 8-GPU system's HGX Management Controller (HMC). An attacker with administrative access to the Baseboard Management Controller (BMC) could potentially gain administrator-level access to the HMC. This security issue could result in serious consequences, including potential code execution, system disruption, privilege escalation, sensitive information exposure, and unauthorized data modification.
CVE-2024-0141 CVSS: 6.8
NVIDIA Hopper HGX for 8-GPU has a vulnerability in the GPU vBIOS. This security issue allows a malicious actor with tenant level GPU access to write to an unsupported registry. The result could be causing a bad state for the system. If successfully exploited, this vulnerability may lead to a denial-of-service condition.
Impact
- Privilege Escalation
- Denial of Service
Indicators of Compromise
CVE
CVE-2024-0114
CVE-2024-0141
Affected Vendors
- NVIDIA
Affected Products
- NVIDIA Hopper HGX 8-GPU
Remediation
Upgrade to the latest version, available from the NVIDIA Website.