CVE-2025-23325

Severity: 7.5 HIGH

📋 TL;DR

NVIDIA Triton Inference Server contains a vulnerability where specially crafted inputs can trigger uncontrolled recursion, potentially causing denial of service. This affects both Windows and Linux deployments running vulnerable versions of the inference server.

💻 Affected Systems

Products:
  • NVIDIA Triton Inference Server
Versions: Releases prior to the patched version
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments using vulnerable versions are affected regardless of configuration

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete service disruption of Triton Inference Server, affecting all inference requests and potentially requiring a server restart

🟠 Likely Case: Temporary denial of service affecting specific inference endpoints or models until the recursion condition resolves

🟢 If Mitigated: Limited impact with proper input validation and monitoring in place

🌐 Internet-Facing: HIGH - Attackers can exploit this remotely without authentication
🏢 Internal Only: MEDIUM - Internal attackers or already-compromised systems could still cause service disruption

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending specially crafted input to the inference server, a step that could be automated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check NVIDIA advisory for specific patched version

Vendor Advisory: https://nvidia.custhelp.com/app/answers/detail/a_id/5687

Restart Required: Yes

Instructions:

1. Review the NVIDIA advisory for the patched version.
2. Download and install the patched version from NVIDIA.
3. Restart Triton Inference Server.
4. Verify the update was successful.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Implement input validation at the application layer to filter potentially malicious inputs before they reach Triton.

Rate Limiting (applies to: all)

Implement rate limiting on inference endpoints to limit the impact of potential DoS attacks.

🧯 If You Can't Patch

  • Isolate Triton servers in network segments with strict access controls
  • Implement comprehensive monitoring and alerting for abnormal recursion patterns

🔍 How to Verify

Check if Vulnerable:

Compare the installed Triton Inference Server version against the vulnerable versions listed in NVIDIA's advisory.

Check Version:

Check the Triton server startup logs or configuration for version information.

Verify Fix Applied:

Verify that the installed version matches or exceeds the patched version specified in the NVIDIA advisory.

📡 Detection & Monitoring

Log Indicators:

  • Unusual recursion patterns in logs
  • Multiple failed inference requests
  • Server restart events
  • High CPU/memory usage spikes

Network Indicators:

  • Unusual patterns of inference requests
  • Requests with malformed or specially crafted inputs

SIEM Query:

source="triton" AND (event_type="error" OR message="*recursion*" OR message="*stack*")

Note: the message terms are wildcard (substring) matches; an exact match on a free-text message field would rarely fire. Adjust the field names and wildcard syntax to your SIEM's query language.
