NVIDIA B300 MCU CX8 Exploit: Deny of Service & Data Tampering
CVE-2025-33242 Published on March 24, 2026

NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering.

NVD

Vulnerability Analysis

CVE-2025-33242 is exploitable with network access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
HIGH
Privileges Required:
HIGH
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
NONE
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

Hardware Internal or Debug Modes Allow Override of Locks

System configuration protection may be bypassed during debug mode.


Affected Versions

NVIDIA HGX and DGX B300 Version All versions prior to and including 1.0 is affected by CVE-2025-33242

Exploit Probability

EPSS
0.01%
Percentile
1.03%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.