CVE-2022-42275

NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service.

CVSS v3 7.7 HIGH

7.7^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.5 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5435	Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5435	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*

cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:24

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.1~~	v2 : unknown v3 : 7.7
References	~~() https://nvidia.custhelp.com/app/answers/detail/a_id/5435 - Vendor Advisory~~	() https://nvidia.custhelp.com/app/answers/detail/a_id/5435 - Vendor Advisory
Summary		(es) El controlador NVIDIA BMC IPMI permite que un host no autenticado escriba en una memoria flash SPI del host sin pasar por las protecciones de arranque seguro. Esto puede provocar una pérdida de integridad y denegación de servicio.

Information

Published : 2023-01-13 01:15

Updated : 2024-11-21 07:24

NVD link : CVE-2022-42275

Mitre link : CVE-2022-42275

CVE.ORG link : CVE-2022-42275

JSON object : View

Products Affected

nvidia

bmc
dgx_a100

CWE

CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2022-42275", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2023-01-13T01:15:09.927", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5435", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5435", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-288"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service."}, {"lang": "es", "value": "El controlador NVIDIA BMC IPMI permite que un host no autenticado escriba en una memoria flash SPI del host sin pasar por las protecciones de arranque seguro. Esto puede provocar una p\u00e9rdida de integridad y denegaci\u00f3n de servicio."}], "lastModified": "2024-11-21T07:24:38.440", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BF2BE11-5340-45D4-901E-6DE5153EEF14", "versionEndExcluding": "00.19.07"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8807CB65-5F49-42E8-B5D8-36943418ADB9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@nvidia.com"}