CVE-2025-33196 is a vulnerability identified in the SROOT firmware of NVIDIA DGX Spark GB10 systems, affecting all versions prior to the OTA0 update. The issue stems from improper handling of sensitive information in memory: when a resource is reused, the firmware fails to clear or sanitize the data previously stored in that resource. This is classified under CWE-226, which concerns sensitive information not being removed before resource reuse. An attacker with high privileges and local access could exploit this flaw to access residual sensitive data left in memory, leading to information disclosure. The vulnerability does not require user interaction and does not affect the integrity or availability of the system, but it compromises confidentiality. The CVSS v3.1 score is 4.4 (medium severity), reflecting the requirement for local privileged access and the limited scope of impact. No public exploits have been reported, and NVIDIA has not yet published a patch at the time of disclosure. The DGX Spark platform is used primarily in high-performance computing and AI workloads, where sensitive data confidentiality is critical. The flaw could expose sensitive model data, proprietary algorithms, or other confidential information processed by the system. Mitigation currently relies on restricting privileged access and monitoring for suspicious local activity until a firmware update is released.

For European organizations, particularly those involved in AI research, scientific computing, or data-intensive workloads using NVIDIA DGX Spark systems, this vulnerability poses a risk of sensitive data leakage. Confidentiality breaches could expose proprietary AI models, research data, or customer information, potentially leading to competitive disadvantage or regulatory non-compliance under GDPR. Since exploitation requires high privilege and local access, the threat is more relevant to insider threats or attackers who have already compromised internal systems. The lack of impact on integrity and availability limits the risk of operational disruption but does not reduce the importance of protecting sensitive information. Organizations in sectors such as finance, healthcare, and research institutions that deploy DGX Spark hardware in Europe should be vigilant. The medium severity rating suggests a moderate but non-critical risk, emphasizing the need for access controls and timely patching once updates become available.

1. Immediately restrict and monitor privileged local access to NVIDIA DGX Spark systems to trusted personnel only, employing strict access controls and logging. 2. Implement network segmentation and isolation for DGX Spark nodes to reduce the risk of unauthorized local access. 3. Monitor system logs and firmware behavior for unusual activity that could indicate attempts to exploit this vulnerability. 4. Prepare to deploy the OTA0 firmware update from NVIDIA as soon as it is released, ensuring a tested and controlled update process. 5. Conduct regular audits of user privileges and remove unnecessary elevated permissions on DGX Spark systems. 6. Employ hardware-level security features such as secure boot and firmware integrity verification where supported. 7. Educate system administrators and security teams about the vulnerability and the importance of safeguarding privileged access. 8. Consider encrypting sensitive data in memory or using secure enclaves if supported by the platform to reduce exposure of residual data.