AI description
CVE-2025-23319 is a vulnerability found in the Python backend of NVIDIA Triton Inference Server for Windows and Linux. This vulnerability allows an attacker to cause an out-of-bounds write by sending a request. Successful exploitation of CVE-2025-23319 could lead to remote code execution, denial of service, data tampering, or information disclosure. NVIDIA has released patches in version 25.07 of Triton Inference Server to address this vulnerability.
- Description
- NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
- Source
- psirt@nvidia.com
- NVD status
- Analyzed
- Products
- triton_inference_server
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- Hype score
- Not currently trending
🚨 New research from Wiz reveals a critical vulnerability chain (CVE-2025-23319) in NVIDIA Triton Inference Server! Unauthenticated attackers could take over AI servers. Learn how to protect your AI deployments. https://t.co/fPqvPyCCNy #AISecurity #Cybersecurity #NVIDIA
@cedric_thibault
10 Aug 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-23319, CVE-2025-23320, CVE-2025-23334: A Vulnerability Chain Leading to AI Server Takeover • ZoomEye Dork: app="NVIDIA Triton Inference Server" • Results: 1,287 • ZoomEye Link: https://t.co/OoxbcI49Tf • Info: https://t.co/0pHa8j3nQQ • CVSS: 8.1, 7.5, 5.9
@DarkWebInformer
8 Aug 2025
4314 Impressions
11 Retweets
51 Likes
14 Bookmarks
2 Replies
0 Quotes
Breaking NVIDIA Triton: CVE-2025-23319 - A Vulnerability Chain Leading to AI Server Takeover https://t.co/ZrrQv1ZBDT #appsec
@eyalestrin
8 Aug 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 : CVE-2025-23319&CVE-2025-23320&CVE-2025-23334: NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers CVE-2025-23310&CVE-2025-23311&CVE-2025-23317: Critical Triton Flaws Expose AI Servers to Remote Takeover 📊3.6K+ Ser
@HunterMapping
6 Aug 2025
2631 Impressions
14 Retweets
45 Likes
11 Bookmarks
1 Reply
0 Quotes
Chaining NVIDIA’s Triton Server flaws exposes AI systems to remote takeover Wiz Research discovered critical vulnerabilities in NVIDIA’s Triton Inference Server (CVE-2025-23319, CVE-2025-23320, CVE-2025-23334) that could let remote, unauthenticated attackers gain full contro
@dCypherIO
5 Aug 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
NVIDIA Triton Inference Server’da Kritik Güvenlik Açıkları: CVE-2025-23319, CVE-2025-23320, CVE-2025-23334 https://t.co/DDRax1c2Qb
@umidcybers
5 Aug 2025
71 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨🚨NVIDIA Triton Inference Server vuln chain alert! CVE-2025-23319, CVE-2025-23320, CVE-2025-23334: Info leak in Python backend leads to full RCE. Steal models, manipulate inferences, expose data, or pivot deeper. @nvidia ZoomEye Dork👉app="NVIDIA Triton Inference Serv
@zoomeye_team
5 Aug 2025
2091 Impressions
9 Retweets
38 Likes
14 Bookmarks
1 Reply
0 Quotes
NVIDIAのTriton Inference Serverに深刻な脆弱性チェーン(CVE-2025-23319、23320、23334)が発見され、認証なしでリモートコード実行(RCE)が可能になることが判明した。 この脆弱性はPythonバックエンドに存在し、共有メ
@yousukezan
5 Aug 2025
667 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
NvidiaがTriton Inference Serverにおける重大(Critical)な遠隔コード実行の脆弱性チェーンを修正。CVE-2025-23319, CVE-2025-23320, CVE-2025-23334で、その他脆弱性も修正されている。 https://t.co/1DPR2FtD19
@__kokumoto
4 Aug 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We (+@nirohfeld) found a critical vulnerability chain in NVIDIA's Triton Inference Server (CVE-2025-23319) that can lead to full Remote Code Execution (RCE). An unauthenticated attacker can remotely take over the server, a cornerstone of many AI/ML production environments. 🧵 h
@ronenshh
4 Aug 2025
2188 Impressions
16 Retweets
30 Likes
7 Bookmarks
2 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:triton_inference_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2168003B-4C9F-4733-89F5-EA17B1228F95",
"versionEndExcluding": "25.07"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]