Subj : Security flaws in key Nvidia enterprise tool could have let hacke
To   : All
From : TechnologyDaily
Date : Tue Aug 05 2025 17:15:08

Security flaws in key Nvidia enterprise tool could have let hackers run 
malware on Windows and Linux systems

Date:
Tue, 05 Aug 2025 16:03:00 +0000

Description:
Worrying Nvidia Triton bugs let hackers run malware on Windows and Linux 
systems.

FULL STORY
======================================================================Security
 researchers found three flaws in Nvidia Triton Inference Server When used 
together, they can grant remote code execution capabilities A patch has been 
released, so users should update immediately 

Nvidia Triton Inference Server carried three vulnerabilities which, when 
combined, could lead to remote code execution (RCE) and other risks, security 
experts from Wiz have warned 

Triton is a free open source tool working on both Windows and Linux which 
helps companies run AI models efficiently on servers, whether in the cloud, 
on-site, or at the edge. 

It supports many popular AI frameworks and speeds up tasks by handling 
multiple models at once and grouping similar requests together. Patching the 
flaw 

Wiz found three flaws in the Python backend: 

CVE-2025-23319 (out-of-bounds write bug with an 8.1/10 severity score), 
CVE-2025-23320 (shared memory limit exceeding vulnerability with a 7.5/10 
severity score), and CVE-2025-23334 (an out-of-bounds vulnerability with a 
5.9/10 score). 

"When chained together, these flaws can potentially allow a remote, 
unauthenticated attacker to gain complete control of the server, achieving 
remote code execution (RCE)," Wiz said in its security advisory. 

The risk is real, too, they added, stressing that companies stand to lose 
sensitive data: 

"This poses a critical risk to organizations using Triton for AI/ML, as a 
successful attack could lead to the theft of valuable AI models, exposure of 
sensitive data, manipulating the AI model's responses, and a foothold for 
attackers to move deeper into a network," the researchers added. 

Nvidia said it addressed the issues in version 25.07, and users are strongly 
recommended to update to the latest version as soon as possible. 

At press time, there were no reports of anyone abusing these flaws in the 
wild, however many cybercriminals will wait until a vulnerability is 
disclosed to target organizations that arent that diligent when patching and 
keep their endpoints vulnerable for longer periods of time. 

 Via The Hacker News You might also like A new Linux backdoor is hitting US 
universities and governments Take a look at our guide to the best 
authenticator app We've rounded up the best password managers



======================================================================
Link to news story:
https://www.techradar.com/pro/security/worrying-nvidia-triton-bugs-let-hackers
-run-malware-on-windows-and-linux-systems


--- Mystic BBS v1.12 A49 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.