- Security researchers found three flaws in Nvidia Triton Inference Server
- When used together, they can lead to remote code execution
- A patch has been released, so users need to update right away
Nvidia Triton Inference Server carried three vulnerabilities which, when combined, could lead to remote code execution (RCE) and other risks, Wiz security experts have warned.
Triton is a free open source tool that works on both Windows and Linux, which helps companies run AI models effectively on servers, whether in the cloud, on site or at the edge.
It supports many popular AI frameworks and speeds up tasks by handling multiple models at once and grouping similar requests together.
Patching the flaws
Wiz found three flaws in the Python backend:
CVE-2025-23319 (an out-of-bounds write bug with an 8.1/10 severity score), CVE-2025-23320 (a shared memory limit exceeding vulnerability with a 7.5/10 severity score) and CVE-2025-23334 (an out-of-bounds vulnerability with a 5.9/10 score).
“When tied together, these deficiencies can potentially give a remote, unauthorized attacker the opportunity to gain full control of the server and achieve remote code execution (RCE),” Wiz said in its security advisory.
The risk is real, they added, emphasizing that companies stand to lose sensitive data:
“This poses a critical risk to organizations using Triton for AI/ML, as a successful attack can lead to theft of valuable AI models, exposure of sensitive data, manipulation of the AI model’s response and a foothold for attackers to move deeper into a network,” the researchers added.
Nvidia said it addressed the problems in version 25.07, and users are “strongly” recommended to update to the latest version as soon as possible.
At press time, there were no reports of anyone abusing these flaws in the wild, although many cybercriminals wait until a vulnerability is disclosed to target organizations that are not as diligent about patching and keep their endpoints vulnerable for extended periods.
Via The Hacker News



