CVE-2025-30202 – CVE-2025-30202 exposes vLLM's internal state da... (How to Fix)

Q: What is the severity of CVE-2025-30202?

CVE-2025-30202 has a CVSS score of 7.5 (HIGH). CVE-2025-30202 exposes vLLM's internal state data and enables denial of service attacks in multi-node deployments. The vulnerability allows unauthorized clients to connect to an exposed ZeroMQ XPUB socket, potentially receiving internal data and causing service disruption. Organizations running vLLM versions 0.5.2 through 0.8.4 in multi-node configurations are affected.

📋 TL;DR

CVE-2025-30202 exposes vLLM's internal state data and enables denial of service attacks in multi-node deployments. The vulnerability allows unauthorized clients to connect to an exposed ZeroMQ XPUB socket, potentially receiving internal data and causing service disruption. Organizations running vLLM versions 0.5.2 through 0.8.4 in multi-node configurations are affected.

💻 Affected Systems

Products:

vLLM

Versions: 0.5.2 to 0.8.4

Operating Systems: All platforms running vLLM

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects multi-node vLLM deployments where tensor parallelism across multiple hosts is configured. The socket is always opened in multi-node deployments but only used for tensor parallelism.

📦 What is this software?

Vllm by Vllm

View all CVEs affecting Vllm →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption through DoS attacks combined with exposure of internal vLLM state information, potentially revealing sensitive deployment details.

🟠

Likely Case

Denial of service through connection flooding, slowing down or blocking the publisher, with incidental exposure of non-sensitive internal state data.

🟢

If Mitigated

Minimal impact if proper network segmentation and firewall rules are implemented to restrict access to the ZeroMQ port.

🌐 Internet-Facing: HIGH - The socket binds to ALL interfaces by default, making internet-facing deployments particularly vulnerable to external attackers.

🏢 Internal Only: MEDIUM - Internal attackers or compromised systems within the network can still exploit this vulnerability to cause DoS or access internal state data.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires network access to the vulnerable host and knowledge of the ZeroMQ port. No authentication is required to connect to the exposed socket.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.8.5

Vendor Advisory: https://github.com/vllm-project/vllm/security/advisories/GHSA-9f8f-2vmf-885j

Restart Required: Yes

Instructions:

1. Upgrade vLLM to version 0.8.5 or later using pip: 'pip install vllm>=0.8.5'. 2. Restart all vLLM services. 3. Verify the fix by checking that the ZeroMQ socket is no longer bound to all interfaces.

🔧 Temporary Workarounds

Firewall Restriction

linux

Block external access to the ZeroMQ port using firewall rules

iptables -A INPUT -p tcp --dport <zmq_port> -j DROP
ufw deny <zmq_port>/tcp

Network Segmentation

all

Isolate vLLM nodes in a private network segment with restricted access

🧯 If You Can't Patch

Implement strict network access controls to restrict connections to the ZeroMQ port only from trusted secondary vLLM hosts
Monitor network traffic to the ZeroMQ port for suspicious connection patterns and implement rate limiting

🔍 How to Verify

Check if Vulnerable:

Check vLLM version with 'pip show vllm' and verify if running version 0.5.2 to 0.8.4 in multi-node configuration

Check Version:

pip show vllm | grep Version

Verify Fix Applied:

After upgrading to 0.8.5+, verify the ZeroMQ socket is not bound to all interfaces using netstat or ss commands

📡 Detection & Monitoring

Log Indicators:

Multiple connection attempts to ZeroMQ port
Unusual network traffic patterns from unauthorized IPs

Network Indicators:

Unexpected connections to vLLM ZeroMQ port from non-vLLM hosts
High volume of connections to the ZeroMQ port

SIEM Query:

source_port:<zmq_port> AND (src_ip NOT IN [trusted_vllm_hosts])

📊 Metadata

CVE ID: CVE-2025-30202

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-770

EPSS Score: 0.16% exploit probability (36.6th percentile)

Published: April 30, 2025

Last Updated: May 14, 2025

🔗 References

https://github.com/vllm-project/vllm/commit/a0304dc504c85f421d38ef47c64f83046a13641c Patch
https://github.com/vllm-project/vllm/pull/6183 Issue Tracking,Patch
https://github.com/vllm-project/vllm/security/advisories/GHSA-9f8f-2vmf-885j Exploit,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-30202, you might also want to check these: