Nvidia released a software update on Saturday to address critical vulnerabilities in its Triton server, identified by cybersecurity firm Wiz, which could enable AI model takeover, data theft, and response manipulation.
The vulnerabilities, deemed “critical” by Wiz, pertain to Nvidia’s Triton server, employed by clients to execute artificial intelligence models. Failure to patch these vulnerabilities could result in unauthorized control of AI models, exfiltration of sensitive data, and manipulation of AI responses. Nir Ohfeld, Wiz’s Head of Vulnerability Research, stated that Wiz Research discovered a vulnerability chain allowing an attacker with no prior access to gain complete control of an AI server.
This attack initiates with a minor bug that causes the server to leak a small piece of secret internal data. An attacker can then leverage this leaked data to exploit one of the server’s legitimate features, thereby gaining control over a private system component, which provides the initial foothold necessary to escalate privileges and achieve a full server takeover.
Triton functions as an open-source inference software developed by Nvidia, designed to optimize the deployment and performance of artificial intelligence models. While the complete roster of Triton users remains undisclosed, prominent enterprises such as Microsoft, Amazon, Oracle, Siemens, and American Express utilize the software.
A 2021 press release indicated that over 25,000 companies employ Nvidia’s AI stack. Nvidia’s spokesperson did not provide further comments beyond referring to the company’s security bulletin regarding these issues. The vulnerabilities have been officially assigned the identifiers CVE-2025-23319, CVE-2025-23320, and CVE-2025-23334.
Nvidia extends Windows 10 support, adds G-Sync monitors
Ohfeld emphasized that the most crucial step for users is to update to the patched version of the Nvidia Triton Inference Server, specifically version 25.07 or newer, as this directly resolves the entire vulnerability chain. He also noted that there is currently no evidence of these specific vulnerabilities being actively exploited in real-world scenarios, despite Nvidia Triton being a widely used platform for AI workloads.
Emerging technologies have faced significant security vulnerabilities in 2025. In the cryptocurrency sector, for example, exploits have led to substantial financial losses. Hacken, a blockchain security auditor, reported that access flaws and smart contract bugs contributed to $3.1 billion lost in crypto exploits during the first half of 2025. This amount surpasses the total losses recorded throughout 2024.
