CVE-2025-33249
Published: 18 February 2026
Summary
CVE-2025-33249 is a high-severity Command Injection (CWE-77) vulnerability in Nvidia Nemo. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059); ranked at the 6.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-33249 is a code injection vulnerability (CWE-77) in a voice-preprocessing script within the NVIDIA NeMo Framework, affecting all supported platforms. Published on 2026-02-18, it allows malicious input crafted by an attacker to potentially trigger arbitrary code execution. The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts.
A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation might enable code execution, privilege escalation, information disclosure, and data tampering on the affected system.
Mitigation details are available in official advisories, including NVIDIA's security bulletin at https://nvidia.custhelp.com/app/answers/detail/a_id/5762, the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2025-33249, and the CVE record at https://www.cve.org/CVERecord?id=CVE-2025-33249. Security practitioners should consult these resources for patch information and remediation steps.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-207816
Vulnerability details
NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information…
more
disclosure, and data tampering.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CWE-77 command injection in local script directly enables arbitrary code execution (T1059) by a low-privileged attacker and subsequent privilege escalation (T1068).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the code injection vulnerability in the NVIDIA NeMo voice-preprocessing script by applying vendor-provided patches and updates.
Requires validation of malicious inputs to the voice-preprocessing script to prevent command injection exploitation.
Limits the impact of low-privilege local attackers by enforcing least privilege, reducing potential for escalation, disclosure, and tampering.