Nvidia Triton Vulnerabilities Pose Big Risk to AI Models

Nvidia has patched over a dozen vulnerabilities in Triton Inference Server, including another set of vulnerabilities that threaten AI systems. 

Cloud security giant Wiz has disclosed another set of vulnerabilities that can pose a significant risk to AI systems that rely on Nvidia products, in this case the company’s Triton Inference Server. 

Nvidia announced in an advisory published on Monday that more than a dozen vulnerabilities have been patched in Triton Inference Server, open source software that enables users to deploy any AI model from various deep learning and machine learning frameworks.

Researchers at Wiz have discovered three vulnerabilities (CVE-2025-23319, CVE-2025-23320 and CVE-2025-23334) that can be chained by a remote, unauthenticated attacker to execute arbitrary code and take complete control of a server.

CVE-2025-23319 and CVE-2025-23320 are high-severity issues affecting the Python backend of Triton Inference Server for Windows and Linux. The former can be exploited for remote code execution, DoS attacks, data tampering, or information disclosure, while the latter can lead to information disclosure.

CVE-2025-23334 has been assigned a ‘medium severity’ rating. It also impacts the Python backend and it can lead to information disclosure. 

According to Wiz, the exploit chain starts with a minor information leak and escalates to a full system compromise. 

“This poses a critical risk to organizations using Triton for AI/ML, as a successful attack could lead to the theft of valuable AI models, exposure of sensitive data, manipulating the AI model’s responses and a foothold for attackers to move deeper into a network,” Wiz explained.

The security firm published a blog post on Monday to share the technical details of its findings.  

This new research comes a couple of weeks after Wiz disclosed NVIDIAScape, an Nvidia Container Toolkit flaw that can be exploited for full control of the host machine. Wiz warned at the time that the issue posed a serious threat to managed AI cloud services.

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
