CVE-2025-33196 identifies a vulnerability in the SROOT firmware component of NVIDIA DGX Spark GB10 systems. The root cause is the failure to remove sensitive information from a resource before it is reused, which falls under CWE-226: Sensitive Information in Resource Not Removed Before Reuse. This flaw can allow an attacker with high-level privileges and local access to cause a resource to be reused without proper sanitization, potentially leading to disclosure of sensitive data previously stored in that resource. The vulnerability affects all versions of the DGX Spark prior to the OTA0 update. The CVSS v3.1 base score is 4.4, indicating a medium severity level, with the vector AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N, meaning local attack vector, low attack complexity, requires high privileges, no user interaction, unchanged scope, and high impact on confidentiality but no impact on integrity or availability. No public exploits are known at this time, and no patches have been linked yet, though a firmware update (OTA0) is expected to address the issue. The DGX Spark platform is used primarily for AI and high-performance computing workloads, making the confidentiality of data processed on these systems critical. The vulnerability does not require user interaction but does require an attacker to have elevated privileges on the system, limiting the attack surface primarily to insiders or attackers who have already compromised user credentials or systems.

For European organizations, especially those involved in AI research, data science, and high-performance computing, this vulnerability poses a risk of sensitive data leakage from NVIDIA DGX Spark systems. Confidential information such as proprietary algorithms, datasets, or cryptographic keys could be exposed if an attacker gains high-level local access. Although the vulnerability does not affect system integrity or availability, the confidentiality breach could lead to intellectual property theft, regulatory non-compliance (e.g., GDPR), and reputational damage. Organizations relying on DGX Spark for critical workloads must consider the risk of insider threats or lateral movement by attackers who have already breached perimeter defenses. The medium severity rating reflects the requirement for high privileges and local access, but the potential impact on confidentiality in sensitive environments is significant. The lack of known exploits reduces immediate risk but does not eliminate the need for proactive mitigation.

1. Apply the OTA0 firmware update from NVIDIA as soon as it becomes available to address the vulnerability. 2. Restrict and monitor access to DGX Spark systems, ensuring only authorized personnel have high-level privileges. 3. Implement strict access controls and use multi-factor authentication to reduce the risk of privilege escalation. 4. Conduct regular audits of user activities and system logs to detect any unauthorized access attempts. 5. Isolate DGX Spark systems within secure network segments to limit exposure to potential attackers. 6. Employ endpoint detection and response (EDR) solutions to identify suspicious local activities. 7. Educate administrators and users about the risks of privilege misuse and the importance of firmware updates. 8. Consider encrypting sensitive data in memory or at rest where possible to reduce the impact of potential disclosure. 9. Maintain a robust incident response plan to quickly address any detected exploitation attempts. These steps go beyond generic advice by focusing on privilege management, monitoring, and network segmentation tailored to the DGX Spark environment.