NVIDIA BlueField Privilege Escalation Vulnerability in Management Interface

Vulnerability

A vulnerability exists in the management interface of NVIDIA BlueField products, specifically in BlueField-2 and BlueField-3 platforms. This vulnerability allows an attacker with local access to manipulate authorization processes, potentially leading to unauthorized configuration changes. Exploitation of this issue could result in a denial-of-service, unauthorized privilege escalation, information disclosure, and unauthorized data modification.

Impact

Successful exploitation could cause a denial-of-service, unauthorized privilege escalation, information disclosure, and unauthorized data modification.

Remediation

Users are advised to update to version 45.1020 for BlueField GA, version 35.4554 for BlueField LTS22, and version 39.5050 for BlueField LTS23. For BlueField LTS24, version 43.3608 is recommended.

Added: Sep 4, 2025, 7:56 PM
Updated: Sep 4, 2025, 7:56 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 7.5
exploitability: 3.5
remediation: 7.7
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.