CVE-2025-23310
Published: 06 August 2025
Summary
CVE-2025-23310 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in NVIDIA Triton Inference Server. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 20.2% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
NVIDIA Triton Inference Server for Windows and Linux is affected by CVE-2025-23310, a stack buffer overflow vulnerability (CWE-121) that can be triggered by specially crafted inputs. The flaw carries a CVSS 3.1 base score of 9.8, reflecting network attack vector, low attack complexity, and no required privileges or user interaction.
An unauthenticated remote attacker can supply malicious inputs to trigger the overflow, potentially achieving remote code execution, denial of service, information disclosure, or data tampering against the inference server.
The EPSS score remains low and unchanged at 0.0126 with no observed rise after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-23826
Vulnerability details
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stack buffer overflow in public-facing NVIDIA Triton Inference Server directly enables remote unauthenticated RCE over the network (T1190).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
- Requires validation of specially crafted inputs to NVIDIA Triton Inference Server to prevent stack buffer overflows leading to RCE, DoS, disclosure, or tampering.
- Implements memory protection mechanisms like stack canaries, ASLR, and DEP to mitigate exploitation of stack buffer overflows even if invalid inputs are processed.
- Mandates identification, reporting, and remediation of the specific stack buffer overflow flaw in NVIDIA Triton Inference Server via official patches.