CVE-2026-24141
Published: 24 March 2026
Summary
CVE-2026-24141 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in the ONNX quantization feature of NVIDIA Model Optimizer. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 21.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly mitigates the unsafe deserialization vulnerability by requiring timely identification, reporting, and patching of the affected NVIDIA Model Optimizer.
Prevents exploitation of the ONNX quantization feature by validating the syntax, structure, and content of input files before deserialization processing.
Mitigates arbitrary code execution resulting from successful deserialization by implementing memory protection mechanisms like ASLR and DEP.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unsafe deserialization (CWE-502) of a crafted ONNX file directly enables client-side RCE when the victim opens/processes the file, mapping to Exploitation for Client Execution and User Execution: Malicious File.
NVD Description
NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
Deeper analysis
CVE-2026-24141 is a vulnerability in the ONNX quantization feature of NVIDIA Model Optimizer for Windows and Linux. The issue stems from unsafe deserialization triggered by processing a specially crafted input file, classified under CWE-502 (Deserialization of Untrusted Data). It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high impact on confidentiality, integrity, and availability.
A local attacker requires no privileges but needs user interaction, such as convincing a user to process a malicious input file through the affected feature. Successful exploitation could result in arbitrary code execution, privilege escalation, data tampering, and information disclosure on the targeted system.
Mitigation guidance is available in the NVIDIA security advisory at https://nvidia.custhelp.com/app/answers/detail/a_id/5798, along with details from the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2026-24141 and CVE record at https://www.cve.org/CVERecord?id=CVE-2026-24141.
This vulnerability is relevant to AI/ML workflows, as it affects model optimization tools handling ONNX formats. No real-world exploitation has been reported in the provided details.
Details
- CWE(s)