CVE-2022-42290EPSS p58.7%

CVE-2022-42290CVE-2022-42290

nvidia / dgx_a100_firmware

Description

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering.

Scoring

CVSS 7.2 ()
VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS1.01% probability of exploitation · percentile 58.7% · 2026-06-19T12:03:05Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.