
NVIDIA has released an urgent security update for its DGX Spark AI workstation after discovering 14 vulnerabilities in the system’s firmware that could allow attackers to execute malicious code and launch denial-of-service attacks.
The most severe flaw has a CVSS score of 9.3 and affects all DGX Spark devices running versions before the new OTA0 update.
The vulnerabilities reside in multiple firmware components of the DGX Spark GB10, including SROOT, OSROOT, and hardware resource controls.
NVIDIA’s Offensive Security Research team identified these flaws, which expose the AI workstation to serious security risks.
Attackers with local access can exploit these weaknesses to bypass security protections, modify hardware controls, and gain unauthorized access to protected areas of the system-on-chip.
The critical vulnerability, tracked as CVE-2025-33187, allows attackers with privileged access to breach SoC-protected areas.
| CVE ID | Base Score | CWE | Potential Impacts |
|---|---|---|---|
| CVE-2025-33187 | 9.3 | CWE-269 | Code execution, information disclosure, data tampering, denial of service, escalation of privileges |
| CVE-2025-33188 | 8.0 | CWE-269 | Information disclosure, data tampering, denial of service |
| CVE-2025-33189 | 7.8 | CWE-787 | Code execution, data tampering, denial of service, information disclosure, escalation of privileges |
| CVE-2025-33190 | 6.7 | CWE-787 | Code execution, data tampering, denial of service, escalation of privileges |
| CVE-2025-33191 | 5.7 | CWE-20 | Denial of service |
| CVE-2025-33192 | 5.7 | CWE-690 | Code execution, denial of service, information disclosure |
| CVE-2025-33193 | 5.7 | CWE-354 | Code execution, denial of service, information disclosure |
| CVE-2025-33194 | 5.7 | CWE-180 | Information disclosure, denial of service |
| CVE-2025-33195 | 4.4 | CWE-119 | Data tampering, denial of service, escalation of privileges |
| CVE-2025-33196 | 4.4 | CWE-226 | Information disclosure |
| CVE-2025-33197 | 4.3 | CWE-476 | Code execution, denial of service |
| CVE-2025-33198 | 3.3 | CWE-226 | Information disclosure |
| CVE-2025-33199 | 3.2 | CWE-670 | Data tampering |
| CVE-2025-33200 | 2.3 | CWE-226 | Information disclosure |
Successful exploitation of CVE-2025-33187 could lead to code execution, data theft, system manipulation, denial-of-service attacks, or privilege escalation. This flaw requires immediate attention due to its critical severity rating and its broad impact on system integrity.
All NVIDIA DGX Spark systems running versions before OTA0 are vulnerable. The security update addresses all 14 CVEs simultaneously.
NVIDIA urges customers to download and install the latest DGX OS version immediately from the official NVIDIA DGX website.
Users can also visit the NVIDIA Product Security page to subscribe to security bulletins and report potential security issues. The vulnerabilities primarily require local access to exploit, though some can be triggered without privileges.
Organizations using DGX Spark workstations for AI development and machine learning workloads should prioritize this update to prevent potential compromise of sensitive AI models and training data.
