关键信息 CVE Information CVE ID: CVE-2025-33200 NVD Published Date: 11/25/2025 NVD Last Modified: 11/25/2025 Source: NVIDIA Corporation Description NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. Metrics CVSS 3.x Severity and Vector Strings: - Base Score (NVIDIA): 2.3 LOW - Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N References Advisories, Solutions, and Tools: - NVD Detail - NVIDIA Corporation - NVIDIA Detail - NVIDIA Corporation - CVE Record - NVIDIA Corporation Weakness Enumeration CWE-ID: CWE-226 CWE Name: Sensitive Information in Resource Not Removed Before Reuse Source: NVIDIA Corporation