CVE-2025-33198
LOWDescription
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| nvidia | dgx_os |
| nvidia | dgx_spark |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-33198? +
How severe is CVE-2025-33198? +
What products are affected by CVE-2025-33198? +
How do I check if I'm vulnerable to CVE-2025-33198? +
Related Vulnerabilities
Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of …
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be …
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed …
The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data Access (CDA). …
wire-webapp is the web application for the open-source messaging service Wire. A bug fix caused a regression causing an issue …
Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module software before version 1.5.02.00 may allow …