CVE-2025-33197 | NVIDIA DGX Spark GB10 SROOT Firmware null pointer dereference

November 25, 2025 Yanac

A vulnerability, which was classified as problematic, was found in NVIDIA DGX Spark GB10. Affected by this issue is some unknown functionality of the component SROOT Firmware. The manipulation results in null pointer dereference.

This vulnerability is known as CVE-2025-33197. Attacking locally is a requirement. No exploit is available.VulDB Recent EntriesRead More