NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

A newly disclosed set of security flaws in NVIDIA's Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers.

"When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving remote code execution (RCE)," Wiz researchers Ronen Shustin and Nir Ohfeld said in a report published today.

The vulnerabilities are listed below -

CVE-2025-23319 (CVSS score: 8.1) - A vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request

CVE-2025-23320 (CVSS score: 7.5) - A vulnerability in the Python backend, where an attacker could cause the shared

See Full Page

Interests (0)

Settings

NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

Cobb County revolutionizes 911 system with AI-enhanced emergency communication platform

US retailer Best Buy to boost India tech hub staff by over 40%, executive says

Why Instagram's New Map Feature Is Receiving Backlash

Trump demands 'highly conflicted' Intel CEO resign over China ties

OpenAI's GPT-5 is here

Seeing in the dark: How home security camera night vision works

Intel's confusing 'Series 2' CPU brand is a massive step backwards

Nation's Churches Scramble To Upgrade To Y2K

OpenAI's GPT-5 targets coders

Saks Fifth Avenue's AI Virtual Voice Assistant Called Sophie

'Cannot possibly be legal': Trump buried for denying retirement benefits to certain troops

AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

Leaked Credentials Up 160%: What Attackers Are Doing With Them

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

U.S. Army sergeant suspected of shooting, wounding five soldiers at Fort Stewart in Georgia

Trump orders new census excluding undocumented immigrants

Three More 9/11 Victims Identified Through DNA Testing

Terrible thirst hits Gaza with polluted aquifers and broken pipelines

Caesar Creek State Park and Little Miami River following Vice President JD Vance's birthday kayaking trip

Trump doubles reward to $50 million for arrest of Venezuela's president to face US drug charges

CDC Warns Travelers of Chikungunya Virus Outbreak in China

Texas Redistricting Conflict Intensifies as Abbott Seeks Court Action

Trump orders increased federal law enforcement presence in Washington to 'make DC safe again'

Los Angeles Officials Review Legal Options After Immigration Raid