CVE-2025-23316

Published Sep 17, 2025

Last updated 6 months ago

CVSS critical 9.8

Overview

Description
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering.
Source
psirt@nvidia.com
NVD status
Analyzed
Products
triton_inference_server

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

psirt@nvidia.com
CWE-78

Social media

Hype score
Not currently trending

  1. 🚨 CRITICAL: Pre-25.08 NVIDIA Triton Inference Server is vulnerable to OS Command Injection (CVE-2025-23316) — enables RCE, DoS, & data compromise! Patch now to protect your AI infra. https://t.co/dY12TdnJ0h #O... https://t.co/R4ZtC0vAZ5

    @offseq

    18 Sept 2025

    84 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🟥 CVE-2025-23316, CVSS: 9.8 (#Critical) NVIDIA Triton Inference Server version prior to 25.08. (released in May) A remote code execution vulnerability in the Python backend. Attackers can exploit this by manipulating the model name parameter in model control APIs, potential

    @UjlakiMarci

    17 Sept 2025

    114 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. [CVE-2025-23316: CRITICAL] Critical vulnerability in NVIDIA Triton Inference Server for Windows and Linux Python backend allows remote code execution through model name parameter manipulation. Take immediate...#cve,CVE-2025-23316,#cybersecurity https://t.co/tQ9exBC5Ru https://t.c

    @CveFindCom

    17 Sept 2025

    88 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨🚨NVIDIA Patches Critical Triton Inference Server Flaws CVE-2025-23316: Critical RCE Alert! Attackers can exploit the Python backend by tweaking model names in control APIs, potentially executing malicious code, stealing data, or crashing servers. CVE-2025-23268: A flaw in

    @zoomeye_team

    17 Sept 2025

    545 Impressions

    0 Retweets

    8 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service.CVE-2025-33211
  2. NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause an improper check for unusual or exceptional conditions issue by sending extra large payloads. A successful exploit of this vulnerability may lead to denial of service.CVE-2025-33201
  3. NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might lead to denial of service.CVE-2025-33202
  4. NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause a denial of service by loading a misconfigured model. A successful exploit of this vulnerability might lead to denial of service.CVE-2025-23336
  5. NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend. A successful exploit of this vulnerability might lead to denial of service.CVE-2025-23329

References

Sources include official advisories and independent security research.