Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2020-11486

Disclosure Date: October 29, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product’s environment, which may lead to remote code execution.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Vendors

  • NVIDIA

Products

  • NVIDIA DGX Servers

Additional Info

Technical Analysis