Cyber Resilience

CVE-2026-24141

High

Published: 24 March 2026

Published
24 March 2026
Modified
25 March 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0008 24.3th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24141 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Custhelp (inferred from references). Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 24.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Machine Learning Libraries; in the Supply Chain and Deployment risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-24141 is a vulnerability in the ONNX quantization feature of NVIDIA Model Optimizer for Windows and Linux. The issue stems from unsafe deserialization triggered by processing a specially crafted input file, classified under CWE-502 (Deserialization of Untrusted Data). It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high impact on confidentiality, integrity, and availability.

A local attacker requires no privileges but needs user interaction, such as convincing a user to process a malicious input file through the affected feature. Successful exploitation could result in arbitrary code execution, privilege escalation, data tampering, and information disclosure on the targeted system.

Mitigation guidance is available in the NVIDIA security advisory at https://nvidia.custhelp.com/app/answers/detail/a_id/5798, along with details from the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2026-24141 and CVE record at https://www.cve.org/CVERecord?id=CVE-2026-24141.

This vulnerability is relevant to AI/ML workflows, as it affects model optimization tools handling ONNX formats. No real-world exploitation has been reported in the provided details.

EU & UK References

Vulnerability details

NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this vulnerability might lead to code execution,…

more

escalation of privileges, data tampering, and information disclosure.

CWE(s)

AI Security AnalysisAI

AI Category
Machine Learning Libraries
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: onnx

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Unsafe deserialization (CWE-502) of a crafted ONNX file directly enables client-side RCE when the victim opens/processes the file, mapping to Exploitation for Client Execution and User Execution: Malicious File.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-60037Shared CWE-502
CVE-2024-12703Shared CWE-502
CVE-2026-24151Shared CWE-502
CVE-2025-33253Shared CWE-502
CVE-2024-12742Shared CWE-502
CVE-2026-22187Shared CWE-502
CVE-2025-60038Shared CWE-502
CVE-2026-31224Shared CWE-502
CVE-2025-33248Shared CWE-502
CVE-2025-60036Shared CWE-502

Affected Assets

Custhelp
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the unsafe deserialization vulnerability by requiring timely identification, reporting, and patching of the affected NVIDIA Model Optimizer.

prevent

Prevents exploitation of the ONNX quantization feature by validating the syntax, structure, and content of input files before deserialization processing.

prevent

Mitigates arbitrary code execution resulting from successful deserialization by implementing memory protection mechanisms like ASLR and DEP.

References