Remote Code Execution on NVIDIA Triton Inference Server for Windows and Linux (CVE-2025-23316)

Published On: Sep 29, 2025 15:02

Advisory No: TZCERT-SA-25-0111

Source: NVIDIA

Software Affected: NVIDIA Triton Inference Server for Windows and Linux

Overview

NVIDIA Triton Inference Server is affected by a critical vulnerability. An attacker can leverage the vulnerability to execute code remotely on the affected device.

Description

NVIDIA Triton Inference Server is affected by a critical vulnerability tracked as CVE-2025-23316, with a CVSS base score of 9.8. The vulnerability lies in the Python backend of the NVIDIA Triton Inference Server, which, when manipulated, may suffer a buffer overflow or other undefined behavior. Successful exploitation of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering.

Impact

Successful exploitation of this vulnerability may allow the attacker to take control of the affected system.

Solution

NVIDIA has released a security patch for this vulnerability. Users and administrators are encouraged to apply the necessary updates.
