Tampering Vulnerability in NVIDIA DGX Spark GB10 Hardware Controls
CVE-2025-33188

8HIGH

Key Information:

Vendor: Nvidia
Status: Dgx Spark
Vendor: CVE Published:; 25 November 2025

What is CVE-2025-33188?

The NVIDIA DGX Spark GB10 has a vulnerability that allows an attacker to tamper with hardware controls. If successfully exploited, this issue may lead to unauthorized information access, data integrity compromise, or even denial of service conditions, potentially affecting the overall reliability of the system.

Affected Version(s)

DGX Spark NVIDIA DGX OS All versions prior to OTA0

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33188

https://www.cve.org/CVERecord?id=CVE-2025-33188

https://nvidia.custhelp.com/app/answers/detail/a_id/5720

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 25, 2025
Vulnerability Reserved
Apr 15, 2025

JSON

Nvidia

What is CVE-2025-33188?

Affected Version(s)

References

CVSS V3.1

Timeline