CVE-2025-23334: 
Triton Inference Server 脆弱性の分析と軽減

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability (CVE-2025-23334) in the Python backend, discovered in August 2025. The vulnerability allows an attacker to cause an out-of-bounds read by sending a request to the server. The issue affects all versions of NVIDIA Triton Inference Server prior to version 25.07 (NVIDIA Bulletin, NVD).

The vulnerability is classified as CWE-125 (Out-of-bounds Read) with a CVSS v3.1 base score of 5.9 (Medium) and vector string AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N. The flaw exists in the Python backend component of the Triton Inference Server, where improper validation of requests can trigger an out-of-bounds read condition (NVIDIA Bulletin).

A successful exploitation of this vulnerability could lead to information disclosure from the affected system. The vulnerability allows attackers to read data outside the intended boundaries, potentially exposing sensitive information processed by the Triton Inference Server (NVIDIA Bulletin, Wiz Blog).

NVIDIA has released version 25.07 of the Triton Inference Server to address this vulnerability. Users are strongly advised to upgrade both the NVIDIA Triton Inference Server and the Python backend to this version. Additionally, users deploying the server in production settings should follow the Secure Deployment Considerations Guide and ensure that logging and shared memory APIs are protected for use by authorized users (NVIDIA Bulletin).

The vulnerability was discovered as part of a broader security research effort by the Wiz Research team, who have previously disclosed other NVIDIA vulnerabilities. The discovery highlights the importance of securing AI infrastructure components, particularly as organizations increasingly deploy AI and ML solutions (Wiz Blog).