
NVIDIA Patches Six Critical Vulnerabilities in Triton Inference Server, Including Remote Code Execution Flaws
NVIDIA has released version 25.07 of Triton Inference Server for Windows and Linux to address six critical vulnerabilities. Three of these vulnerabilities (CVE-2025-23319, CVE-2025-23320, and CVE-2025-23334) are particularly severe because they can be exploited without authentication, allowing attackers to execute remote code, exfiltrate sensitive information, and manipulate AI models. The remaining three vulnerabilities (CVE-2025-23310, CVE-2025-23311, and CVE-2025-23317) are part of a previous fix from August. The ability to chain these vulnerabilities together poses a significant risk, as it could enable more sophisticated and damaging attacks.

Triton Inference Server is a critical component in deploying AI models across various industries, including healthcare, finance, and autonomous vehicles. Exploiting these vulnerabilities could lead to data breaches, model manipulation, and overall system compromise.

Organizations using Triton Inference Server should prioritize updating to version 25.07 immediately. The vulnerabilities highlight the growing concern over AI system security and the need for regular vulnerability assessments and prompt patching. Cybersecurity professionals should ensure that AI models and their outputs are continuously validated to detect any manipulation, and should implement network segmentation and access controls to limit exposure. This incident underscores the importance of robust security measures in AI platforms, especially as they become more integrated into critical infrastructure.