NVIDIA DGX Spark Security Update Fixed 14 Vulnerabilities
Summary : NVIDIA DGX Spark GB10 firmware vulnerabilities including CVE-2025-33187, CVE-2025-33188, CVE-2025-33189 & 11 more CVEs can Execute Malicious Code and DoS Attacks. Systems running DGX OS versions prior to OTA0 are affected. Immediate upgrade to OTA0 is strongly advised.
| OEM | NVIDIA |
| Severity | Critical |
| CVSS Score | 7.5 |
| CVEs | CVE-2025-33187, CVE-2025-33188, CVE-2025-33189 & 11 more CVEs |
| POC Available | No |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
NVIDIA has released a security update addressing 14 vulnerabilities in the NVIDIA DGX Spark firmware, a high-performance AI workstation for machine learning and model training.
These vulnerabilities enable attackers with local access to bypass protections and manipulate firmware and hardware controls. Exploitation could lead to unauthorized code execution, data tampering, system disruption, and exposure of sensitive AI data.
| Vulnerability Name | CVE ID | Product Affected | Severity | CVSS | Fixed Version |
| SoC Access Bypass Vulnerability via SROOT | CVE-2025-33187 | NVIDIA DGX Spark | Critical | 9.3 | OTAO |
| Hardware Control Tampering Vulnerability | CVE-2025-33188 | NVIDIA DGX Spark | High | 8.0 | OTAO |
| Out-of-Bounds Write Vulnerability in SROOT | CVE-2025-33189 | NVIDIA DGX Spark | High | 7.8 | OTAO |
Technical Summary
The NVIDIA DGX Spark GB10 firmware vulnerabilities primarily affect SROOT, OSROOT and hardware controls, enabling local attackers to bypass SoC protections for code execution, data tampering, information disclosure, denial of service and privilege escalation.
Critical flaws like out-of-bounds writes and hardware tampering allow memory corruption and system manipulation, while medium/low issues involve improper input handling, memory reads and resource reuse that risk data leaks or crashes.
All versions prior to OTA0 are vulnerable and security patch released fully addresses these risks.
| CVE ID | Vulnerability Details | Impact |
| CVE-2025-33187 | SROOT vulnerability allows attackers to access SoC-protected memory regions using privileged access | Code execution, privilege escalation |
| CVE-2025-33188 | Hardware controls can be tampered with due to improper authorization enforcement | Information disclosure, DoS |
| CVE-2025-33189 | Out-of-bounds writing in SROOT firmware enables memory corruption | Code execution, privilege escalation |
Other Vulnerabilities:
These other vulnerabilities are medium & low severity issues that may cause data leaks, system errors or minor disruptions.
| Vulnerability Name | CVE ID | Description | Severity | CVSS | Impact |
| Out-of-Bounds Write Vulnerability | CVE-2025-33190 | This vulnerability may allow unintended modification of system data | Medium | 6.7 | Code execution, Privilege escalation |
| Invalid Memory Read vulnerability in OSROOT | CVE-2025-33191 | Error in memory handling can crash system | Medium | 5.7 | Denial of service |
| Arbitrary Memory Read vulnerability | CVE-2025-33192 | Unauthorized access to stored information | Medium | 5.7 | Info disclosure, DoS |
| Integrity Validation Failure vulnerability | CVE-2025-33193 | Firmware integrity checks can be bypassed | Medium | 5.7 | Code execution, info leak |
| Input Processing Issue | CVE-2025-33194 | Faulty input handling reveals internal data | Medium | 5.7 | Info disclosure, DoS |
| Unexpected Buffer Operations | CVE-2025-33195 | Memory mishandling leads to data modification | Medium | 4.4 | Data tampering, DoS |
| Resource Reuse Exposure | CVE-2025-33196 | Reused firmware resources reveal sensitive data | Medium | 4.4 | Information disclosure |
| NULL Pointer Dereference | CVE-2025-33197 | System crashes due to improper pointer handling | Medium | 4.3 | DoS, possible code execution |
| Resource Reuse vulnerability | CVE-2025-33198 | Unintended reuse of resources leaks data | Low | 3.3 | Information disclosure |
| Incorrect Control vulnerability | CVE-2025-33199 | System behavior can be manipulated | Low | 3.2 | Data tampering |
| Resource Reuse vulnerability | CVE-2025-33200 | Data exposure due to resource reuse | Low | 2.3 | Information disclosure |
Remediation:
- Upgrade all NVIDIA DGX Spark systems to DGX OS OTA0 or the latest fixed version.
Conclusion:
The discovery of 14 critical vulnerabilities in the NVIDIA DGX Spark firmware provides a stark reminder that advanced hardware requires strict security practices round the clock.
These vulnerabilities pose a significant security risk to organizations using NVIDIA DGX Spark for AI or ML workloads. If exploited, attackers could gain deep hardware-level access, risk confidential AI datasets, system stability and training integrity. Immediate upgrading to OTA0 to mitigate all the vulnerabilities.
References:
Recent Comments