CVE-2025-33242
Received Received - Intake
Registry Modification Vulnerability in NVIDIA B300 MCU Causing DoS

Publication date: 2026-03-24

Last updated on: 2026-03-24

Assigner: NVIDIA Corporation

Description
NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-24
Generated
2026-06-16
AI Q&A
2026-03-24
EPSS Evaluated
2026-06-15
NVD
CVE-2025-33242
EUVD
EUVD-2025-208971
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
nvidia b300_mcu *
nvidia b300_mcu to 1.0 (inc)
nvidia b300_mcu 1.4
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1234 System configuration protection may be bypassed during debug mode.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The CVE-2025-33242 vulnerability affects the NVIDIA B300 MCU, specifically the CX8 MCU component. It allows a malicious actor with high privileges to modify unsupported registries within the device. This modification can cause the device to enter a bad state, potentially leading to denial of service and data tampering.

The attack is network-based and requires high attack complexity, but no user interaction is needed. The vulnerability does not impact confidentiality but has high impacts on integrity and availability.

Impact Analysis

Exploiting this vulnerability can lead to denial of service (DoS), where the affected device may become unresponsive or unusable.

It can also result in data tampering, meaning that data integrity can be compromised, potentially altering or corrupting data processed or stored by the device.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

[{'type': 'paragraph', 'content': 'To mitigate the CVE-2025-33242 vulnerability affecting the NVIDIA B300 MCU CX8 component, it is recommended to download and install the latest firmware version 1.4 released by NVIDIA.'}, {'type': 'paragraph', 'content': 'This updated firmware addresses the vulnerability that allows modification of unsupported registries which could cause denial of service and data tampering.'}, {'type': 'paragraph', 'content': "Users should obtain the firmware from the NVIDIA Developer Tools page and follow NVIDIA's official guidance for installation."}] [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-33242. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart