CVE-2025-33189 Details Description Vulnerability: NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. Impact: A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges. Metrics CVSS Version 3.x - Base Score: 7.8 HIGH - Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References to Advisories, Solutions, and Tools NVD Detail: CVE-2025-33189 NVIDIA Support: Answer Detail CVE Record: CVE-2025-33189 Weakness Enumeration CWE-ID: CWE-787 CWE Name: Out-of-bounds Write Change History 1 change record found show changes