Vulnerable artificial intelligence servers could be hijacked in attacks exploiting a trio of security flaws impacting NVIDIA's Triton Inference Server for Windows and Linux, which have already been addressed, according to The Hacker News.
Most significant of the vulnerabilities is the high-severity Python backend flaw, tracked as CVE-2025-23319, which could be leveraged to facilitate an out-of-bounds write condition. Another high-severity issue in the Python backend, tracked as CVE-2025-23320, could be abused to compromise the shared memory limit, while the medium-severity Python backend bug, tracked as CVE-2025-23334, could be exploited to enable out-of-bounds read. Potential intrusions could entail the utilization of CVE-2025-23320 to expose the backend internal IPC shared memory region's unique name before the subsequent use of the remaining defects for total inference server compromise, noted Wiz researchers, who identified and reported the flaws. "This poses a critical risk to organizations using Triton for AI/ML, as a successful attack could lead to the theft of valuable AI models, exposure of sensitive data, manipulating the AI model's responses, and a foothold for attackers to move deeper into a network," researchers added.
Most significant of the vulnerabilities is the high-severity Python backend flaw, tracked as CVE-2025-23319, which could be leveraged to facilitate an out-of-bounds write condition. Another high-severity issue in the Python backend, tracked as CVE-2025-23320, could be abused to compromise the shared memory limit, while the medium-severity Python backend bug, tracked as CVE-2025-23334, could be exploited to enable out-of-bounds read. Potential intrusions could entail the utilization of CVE-2025-23320 to expose the backend internal IPC shared memory region's unique name before the subsequent use of the remaining defects for total inference server compromise, noted Wiz researchers, who identified and reported the flaws. "This poses a critical risk to organizations using Triton for AI/ML, as a successful attack could lead to the theft of valuable AI models, exposure of sensitive data, manipulating the AI model's responses, and a foothold for attackers to move deeper into a network," researchers added.




