CVE-2025-33178

7.8 HIGH

📋 TL;DR

The NVIDIA NeMo Framework contains a code injection vulnerability in its BERT services component that allows attackers to execute arbitrary code by sending malicious data. This affects all platforms running vulnerable versions of NVIDIA NeMo Framework and can lead to complete system compromise.

💻 Affected Systems

Products:
  • NVIDIA NeMo Framework
Versions: All versions prior to the patched version
Operating Systems: All platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the BERT services component specifically. All deployments using vulnerable versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining root/admin privileges, exfiltrating sensitive data, and tampering with or destroying critical systems.

🟠 Likely Case

Unauthorized code execution leading to data theft, privilege escalation, and potential lateral movement within the network.

🟢 If Mitigated

Limited impact if proper network segmentation, least privilege, and input validation controls are implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

CWE-94 indicates improper control of generation of code ('Code Injection'), suggesting attackers can inject malicious code through data inputs to BERT services.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check NVIDIA advisory for specific patched version

Vendor Advisory: https://nvidia.custhelp.com/app/answers/detail/a_id/5718

Restart Required: Yes

Instructions:

1. Review the NVIDIA advisory at the URL above
2. Identify the current NeMo Framework version
3. Update to the patched version following NVIDIA's instructions
4. Restart affected services

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Isolate NeMo Framework instances from untrusted networks and limit access to trusted sources only

Input Validation (all platforms)

Implement strict input validation and sanitization for all data sent to BERT services

🧯 If You Can't Patch

  • Isolate vulnerable systems in a dedicated network segment with strict access controls
  • Implement application-level firewalls to monitor and block suspicious requests to BERT services

🔍 How to Verify

Check if Vulnerable:

Check NeMo Framework version against NVIDIA's advisory. If running a version prior to the patched version, the system is vulnerable.

Check Version:

Check NeMo Framework documentation for version checking command specific to your deployment

Verify Fix Applied:

Verify NeMo Framework version matches or exceeds the patched version specified in NVIDIA's advisory

📡 Detection & Monitoring

Log Indicators:

  • Unusual process execution from BERT services
  • Suspicious command execution patterns
  • Error logs showing code injection attempts

Network Indicators:

  • Unusual network connections originating from NeMo Framework instances
  • Suspicious payloads sent to BERT service endpoints

SIEM Query:

source="nemo_framework" AND (event_type="process_execution" OR event_type="error") AND (message CONTAINS "injection" OR message CONTAINS "malicious")
