CVE-2025-33248

High

Published: 24 March 2026

Published

24 March 2026

Modified

25 March 2026

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0006 19.8th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-33248 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Nvidia Megatron-Lm. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 19.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the deserialization of untrusted data vulnerability (CWE-502) in NVIDIA Megatron-LM's hybrid conversion script by applying vendor-provided patches.

SI-10 Information Input Validation good match

prevent

Validates files loaded by the hybrid conversion script to ensure only trusted, properly formatted data is deserialized, blocking maliciously crafted inputs.

SI-3 Malicious Code Protection partial match

preventdetect

Deploys malicious code detection and prevention tools to identify and block arbitrary code execution resulting from successful deserialization exploits.

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution

Adversaries may exploit software vulnerabilities in client applications to execute code.

attack.mitre.org →

T1204.002 Malicious File Execution

An adversary may rely upon a user opening a malicious file in order to gain execution.

attack.mitre.org →

T1059 Command and Scripting Interpreter Execution

Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

attack.mitre.org →

Why these techniques?

CWE-502 deserialization of untrusted data in file-loading script directly enables client-side RCE upon malicious file load (T1203/T1204.002) and subsequent arbitrary command execution (T1059).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of…

privileges, information disclosure, and data tampering.

Deeper analysisAI

CVE-2025-33248 is a vulnerability in the hybrid conversion script of NVIDIA Megatron-LM, an open-source framework for training large language models. The issue, classified as CWE-502 (Deserialization of Untrusted Data), enables an attacker to achieve remote code execution (RCE) by convincing a user to load a maliciously crafted file. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts.

A local attacker with low privileges can exploit this vulnerability with low complexity and no additional user interaction beyond the initial file load. Successful exploitation allows arbitrary code execution on the host system, potentially leading to privilege escalation, information disclosure, and data tampering.

Advisories providing mitigation guidance and patch details are available from the National Vulnerability Database (https://nvd.nist.gov/vuln/detail/CVE-2025-33248), NVIDIA (https://nvidia.custhelp.com/app/answers/detail/a_id/5769), and CVE.org (https://www.cve.org/CVERecord?id=CVE-2025-33248). Security practitioners using Megatron-LM should consult these for updates, as the vulnerability was published on 2026-03-24.

Details

CWE(s): CWE-502

Affected Products

nvidia

megatron-lm

≤ 0.15.3

CVEs Like This One

CVE-2026-24151Same product: Nvidia Megatron-Lm

CVE-2026-24150Same product: Nvidia Megatron-Lm

CVE-2025-33247Same product: Nvidia Megatron-Lm

CVE-2026-24152Same product: Nvidia Megatron-Lm

CVE-2025-33253Same vendor: Nvidia

CVE-2025-33252Same vendor: Nvidia

CVE-2025-33210Same vendor: Nvidia

CVE-2025-33241Same vendor: Nvidia

CVE-2025-33245Same vendor: Nvidia

CVE-2026-24165Same vendor: Nvidia

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33248
Third Party Advisory, US Government Resource · psirt@nvidia.com
https://nvidia.custhelp.com/app/answers/detail/a_id/5769
Vendor Advisory · psirt@nvidia.com
https://www.cve.org/CVERecord?id=CVE-2025-33248
Third Party Advisory · psirt@nvidia.com