A critical vulnerability has been identified in multiple NVIDIA DGX Spark products. This flaw allows an attacker who already has privileged access to the system to bypass security controls and gain complete control over the hardware, potentially leading to code execution, data theft, or a total system shutdown.

The vulnerability exists within the SROOT component of the NVIDIA DGX Spark GB10 platform. An attacker with pre-existing privileged credentials on the system can exploit this weakness to bypass security mechanisms and gain unauthorized access to protected System on a Chip (SoC) memory areas. This level of access allows the attacker to execute arbitrary code, escalate their privileges to the highest level, read or modify sensitive data, and cause a denial of service, effectively leading to a full system compromise.

This vulnerability is rated as critical severity with a CVSS score of 9.3. Successful exploitation could have a severe impact on the business, as DGX systems are typically used for mission-critical AI/ML and data processing workloads. Potential consequences include the theft of proprietary data and intellectual property (e.g., AI models), disruption of core business operations, significant financial loss due to system downtime, and reputational damage. A compromised system could also be used as a pivot point to launch further attacks against the internal network.

Immediate Action: Apply the security updates provided by NVIDIA to all affected DGX Spark products immediately. After patching, security teams should actively monitor for any indicators of compromise and review system and access logs for unusual activity originating from privileged accounts that may indicate a past or ongoing exploitation attempt.

Proactive Monitoring: Implement enhanced monitoring on affected systems. Security teams should look for unauthorized privilege escalation events in system logs (e.g., auditd), unexpected processes spawned by system-level accounts, and any unusual access patterns to hardware or memory resources. Monitor network traffic for anomalous outbound connections that could indicate command and control (C2) activity.

Compensating Controls: If patching cannot be immediately deployed, implement strict access controls based on the principle of least privilege to limit the number of accounts with privileged access. Enforce multi-factor authentication (MFA) for all administrative access to the DGX systems. Ensure that Endpoint Detection and Response (EDR) solutions are deployed and properly configured to detect post-exploitation behavior.

Public Exploit Available: false

Given the critical severity (CVSS 9.3) and the potential for complete system compromise, it is strongly recommended that organizations prioritize the deployment of the vendor-supplied patches for this vulnerability across all affected systems. Although the vulnerability is not currently listed in the CISA KEV catalog and requires prior access, the high value of DGX systems makes them a prime target. Organizations should treat this as an urgent priority to prevent the potential compromise of critical data and infrastructure.