Question 1

What is CVE-2022-42285 — CVE-2022-42285?

Accepted Answer

DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering.

Question 2

What is the authoritative source for CVE-2022-42285?

Accepted Answer

CVE-2022-42285 (CVE-2022-42285) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	6.0 ()
Vector	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
EPSS	0.15% probability of exploitation · percentile 4.9% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-42285CVE-2022-42285

Description

Scoring