Memory Overflow Vulnerability in NVIDIA Triton Inference Server for Windows and Linux
CVE-2025-23320

7.5HIGH

Key Information:

Vendor: Nvidia
Status: Triton Inference Server
Vendor: CVE Published:; 6 August 2025

Badges

📰 News Worthy

What is CVE-2025-23320?

A memory overflow vulnerability exists in the Python backend of NVIDIA Triton Inference Server for both Windows and Linux platforms. This issue allows attackers to exploit the server by sending excessively large requests, potentially causing the shared memory limits to be exceeded. If successfully exploited, the vulnerability could lead to sensitive information being disclosed, compromising the security and integrity of the data processed by the server.

Affected Version(s)

Triton Inference Server Windows All versions prior to 25.07

News Articles

CVE-2025-23319 CVE-2025-23320

Nvidia Patches Critical RCE Vulnerability Chain

The flaws in the company's Triton Inference Server enables model theft, data leaks, and response manipulation.

2 days ago

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23320

https://www.cve.org/CVERecord?id=CVE-2025-23320

https://nvidia.custhelp.com/app/answers/detail/a_id/5687

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
📰
First article discovered
Aug 4, 2025
Vulnerability Reserved
Jan 14, 2025