CRITICAL🇵🇱 Wersja polska

CVE-2020-11486

CVSS 9.8v3.1pub. 2020-10-29upd. 2024-11-21

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Intel Bmc Firmware

    OS
    Intel
    < 3.38.30
  • Nvidia Dgx 1

    HW
    Nvidia
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2020-11483CRITICAL9.8ten sam produkt

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware vers...

CVE-2018-12171CRITICAL9.8ten sam produkt

Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may ...

CVE-2023-25505HIGH7.8ten sam produkt

NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with ...

CVE-2023-0209HIGH8.2ten sam produkt

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code execute...

CVE-2023-25506HIGH7.5ten sam produkt

NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with ...