Various attacks on Nvidia's Hopper AI architecture conceivable
Nvidia's developers have closed two security vulnerabilities in Hopper HGX 8-GPU HMC.
A finger presses a symbolic update button.
(Image: Photon photo/Shutterstock.com)
For security reasons, administrators of AI infrastructure with Nvidia hardware should update the HGX software to the latest version. If this is not done, attackers can use two vulnerabilities for various attacks.
Malicious code vulnerability
In a warning message, Nvidia states that Hopper HGX for 8-GPU is under threat. One vulnerability (CVE-2025-0114 “high”) affects the HGX Management Controller (HMC). To be able to exploit this, however, an attacker must already have administrative access to the baseboard management controller (BMC). If this is the case, malicious code can get onto systems in the worst case.
Videos by heise
The second vulnerability (CVE-2025-0141 “medium”) impacts GPU vBIOS. Attackers can create DoS states at this point. The developers state that they have solved the security problems in HGX version 1.6.0. So far, there have been no reports of ongoing attacks.
Most recently, Nvidia addressed vulnerabilities in the Jetson and IGX Orin AI platforms.
(des)
