CVE-2025-23333: 
Triton Inference Server vulnerability analysis and mitigation

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability (CVE-2025-23333) in the Python backend, discovered and disclosed on August 4, 2025. The vulnerability affects all versions prior to 25.07, where an attacker could cause an out-of-bounds read by manipulating shared memory data (NVIDIA Advisory, NVD).

The vulnerability is classified as CWE-125 (Out-of-bounds Read) with a CVSS v3.1 base score of 5.9 (Medium severity). The attack vector is network-based (AV:N) with high attack complexity (AC:H), requiring no privileges (PR:N) or user interaction (UI:N). The scope is unchanged (S:U) with high confidentiality impact (C:H) but no impact on integrity (I:N) or availability (A:N) (NVIDIA Advisory).

A successful exploitation of this vulnerability might lead to information disclosure through out-of-bounds read operations in the Python backend of the Triton Inference Server (NVIDIA Advisory).

NVIDIA has released version 25.07 to address this vulnerability. Users are advised to update to this version or later. Additionally, users deploying NVIDIA Triton Inference Server in production settings should follow the Secure Deployment Considerations Guide and ensure that logging and shared memory APIs are protected for use by authorized users (NVIDIA Advisory).

The vulnerability was discovered and reported by Trend Micro ZDI, demonstrating ongoing security research efforts in the field (NVIDIA Advisory).