Bluefield 3 Ga CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-23256	1 Nvidia	4 Bluefield, Bluefield 2 Ga, Bluefield 2 Lts and 1 more	2025-09-05	8.7 High
NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-31037	1 Nvidia	4 Bluefield 2 Ga, Bluefield 2 Lts, Bluefield 3 Ga and 1 more	2025-06-09	7.2 High
NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS.
CVE-2023-25519	1 Nvidia	8 Bluefield 1, Bluefield 1 Firmware, Bluefield 2 Ga and 5 more	2024-11-21	7.8 High
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges.

Page 1 of 1.