NVIDIA released a patch for a critical bug in its high-performance line of DGX servers that could open the door for a remote attacker to take control of and access sensitive data on systems typically operated by governments and Fortune-100 companies. All of the flaws are tied to its own firmware that runs on its DGX AMI baseboard management controller (BMC) The bugs were disclosed Wednesday and presented as part of a presentation Vulnerabilities of Machine Learning Infrastructure at CodeBlue 2020, a security conference in Tokyo.
Source: https://threatpost.com/nvidia-critical-bug-hpc/160762/