CVE-2025-23319 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvidia	CNA	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-805 - Buffer Access with Incorrect Length Value
The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.

Vulnerability Media Exposure

[ENGLISH] NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers
A newly disclosed set of security flaws in NVIDIA's Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers. "When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving remote code execution
Published: 2025-08-04T21:36:00+05:30
[GERMAN] Nvidia Triton Inference Server: Angreifer können drei Lücken kombinieren
Die Entwickler von Nvidia haben mehrere Sicherheitslücken in Triton Inference Server geschlossen. Mehrere Schwachstellen gelten als kritisch.
Published: 2025-08-05T07:16:00+00:00

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23319

https://nvidia.custhelp.com/app/answers/detail/a_id/5687

https://www.cve.org/CVERecord?id=CVE-2025-23319