Primary

Context

NVIDIA Hopper HGX 8-GPU HMC Privilege Escalation Vulnerability Allowing Unauthorized Access to Management Controller

Vulnerability

A vulnerability exists in the HGX Management Controller (HMC) of NVIDIA Hopper HGX for 8-GPU systems. This issue may allow a malicious actor with administrative access on the Baseboard Management Controller (BMC) to gain unauthorized administrative access to the HMC. Exploitation of this vulnerability could result in code execution, denial of service, unauthorized privilege escalation, information disclosure, and data tampering.

Impact

Successful exploitation allows unauthorized administrative access to the HMC, potentially leading to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Remediation

Users are advised to download and install the appropriate firmware update. The updated version is 1.6.0 or later.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.8

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.8

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA Hopper HGX 8-GPU HMC Privilege Escalation Vulnerability Allowing Unauthorized Access to Management Controller

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating