CVE-2025-33187 | NVIDIA DGX Spark GB10 SROOT Firmware privileges management

November 25, 2025 Yanac

A vulnerability identified as critical has been detected in NVIDIA DGX Spark GB10. This affects an unknown function of the component SROOT Firmware. This manipulation causes improper privilege management.

This vulnerability is tracked as CVE-2025-33187. The attack is restricted to local execution. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-33196 | NVIDIA DGX Spark GB10 SROOT Firmware sensitive information in resource not removed before reuse
CVE-2025-61167 | SIGB PMB 8.0.1.14 ajax_selector.php id/datas sql injection