1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Security flaws in key Nvidia enterprise tool could have let hacke

    From TechnologyDaily@1337:1/100 to All on Tue Aug 5 17:15:08 2025
    Security flaws in key Nvidia enterprise tool could have let hackers run malware on Windows and Linux systems

    Date:
    Tue, 05 Aug 2025 16:03:00 +0000

    Description:
    Worrying Nvidia Triton bugs let hackers run malware on Windows and Linux systems.

    FULL STORY ======================================================================Security
    researchers found three flaws in Nvidia Triton Inference Server When used together, they can grant remote code execution capabilities A patch has been released, so users should update immediately

    Nvidia Triton Inference Server carried three vulnerabilities which, when combined, could lead to remote code execution (RCE) and other risks, security experts from Wiz have warned

    Triton is a free open source tool working on both Windows and Linux which helps companies run AI models efficiently on servers, whether in the cloud, on-site, or at the edge.

    It supports many popular AI frameworks and speeds up tasks by handling multiple models at once and grouping similar requests together. Patching the flaw

    Wiz found three flaws in the Python backend:

    CVE-2025-23319 (out-of-bounds write bug with an 8.1/10 severity score), CVE-2025-23320 (shared memory limit exceeding vulnerability with a 7.5/10 severity score), and CVE-2025-23334 (an out-of-bounds vulnerability with a 5.9/10 score).

    "When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving remote code execution (RCE)," Wiz said in its security advisory.

    The risk is real, too, they added, stressing that companies stand to lose sensitive data:

    "This poses a critical risk to organizations using Triton for AI/ML, as a successful attack could lead to the theft of valuable AI models, exposure of sensitive data, manipulating the AI model's responses, and a foothold for attackers to move deeper into a network," the researchers added.

    Nvidia said it addressed the issues in version 25.07, and users are strongly recommended to update to the latest version as soon as possible.

    At press time, there were no reports of anyone abusing these flaws in the wild, however many cybercriminals will wait until a vulnerability is
    disclosed to target organizations that arent that diligent when patching and keep their endpoints vulnerable for longer periods of time.

    Via The Hacker News You might also like A new Linux backdoor is hitting US universities and governments Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/worrying-nvidia-triton-bugs-let-hackers -run-malware-on-windows-and-linux-systems


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)