NVIDIA has issued an urgent security bulletin urging customers using its Hopper HGX 8-GPU High-Performance Computing (HMC) systems to immediately install firmware updates addressing two critical vulnerabilities.
Released on February 28, 2025, the patches target flaws that could allow attackers to execute malicious code, escalate privileges, or cripple enterprise GPU infrastructure through denial-of-service (DoS) attacks.
The advisories highlight risks to AI data centers, cloud platforms, and scientific computing environments relying on these high-end accelerators.
The highest-risk vulnerability, tracked as CVE-2024-0114, resides in the Hopper HGX Management Controller (HMC)—a critical component overseeing GPU fleet operations.
Attackers with administrative access to a system’s Baseboard Management Controller (BMC) could exploit this flaw to gain unfettered HMC administrator privileges. NVIDIA’s advisory warns that successful exploitation enables:
The attack vector requires local network access but poses particular danger in shared infrastructure environments where BMC credentials might be exposed.
NVIDIA emphasizes that organizations using default BMC configurations face heightened risk.
A secondary vulnerability, CVE-2024-0141, affects the GPU vBIOS firmware governing low-level hardware operations.
Malicious actors with tenant-level GPU access could write malicious values to unsupported registers, forcing GPUs into unrecoverable failure states.
While rated medium severity, this flaw threatens cloud service providers by allowing rogue users to destabilize shared GPU resources.
The vBIOS exploit requires no physical access, making it viable in virtualized environments. NVIDIA notes that attacks would bypass traditional virtualization security layers, potentially crashing entire GPU partitions.
NVIDIA has released firmware version 1.6.0 to address both vulnerabilities, with backward compatibility for systems running earlier HMC builds. The company advises:
“These patches are non-optional for any organization using Hopper systems in production,” said Priya Balasubramanian, lead security engineer at NVIDIA’s Product Security Incident Response Team (PSIRT).
“The combination of code execution and hardware bricking capabilities creates unacceptable operational risks.”
The disclosure follows increased scrutiny of GPU security as AI workloads expand. Researchers warn that compromised accelerators could enable model theft, training data poisoning, or supply-chain attacks across ML platforms.
With over 80% of AI data centers utilizing NVIDIA GPUs, timely patching remains critical to global infrastructure integrity.