Critical Vulnerabilities in NVIDIA Triton Inference Server Expose Systems to Remote Denial-of-Service Attacks
NVIDIA has recently addressed two significant security vulnerabilities in its Triton Inference Server, both carrying a CVSS score of 7.5, indicating high severity. These flaws could allow remote attackers to execute denial-of-service (DoS) attacks, potentially disrupting machine learning operations.
Details of the Vulnerabilities:
1. CVE-2025-33211: Improper Input Validation
This vulnerability arises from inadequate validation of input quantities. Attackers can exploit this flaw by sending specially crafted inputs, leading to a DoS condition that effectively shuts down the Triton Inference Server.
2. CVE-2025-33201: Inadequate Handling of Large Payloads
This issue stems from the server’s improper handling of unusually large payloads. By transmitting excessive data, attackers can trigger a DoS condition without needing special access or authentication.
Impact and Exploitation:
Both vulnerabilities are remotely exploitable with low attack complexity, requiring no prior authentication or user interaction. This makes them particularly dangerous for organizations utilizing Triton Inference Server in production environments. All Linux versions of Triton Inference Server prior to r25.10 are affected.
Recommended Actions:
NVIDIA strongly advises organizations to upgrade to Triton Inference Server version r25.10 or later to mitigate these vulnerabilities. The update has been available on the official GitHub Releases page since December 2, 2025.
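To find deployments that still need the upgrade, the following added example (not NVIDIA's code) classifies container image references against the r25.10 fix release named above. It assumes image tags follow the NGC-style `YY.MM-...` naming; the inventory is constructed sample data, and `triton_release`, `classify` and `audit` are hypothetical helper names.

```python
import re

FIXED = (25, 10)  # first fixed release according to the advisory text (r25.10)

# Assumption: tags follow NGC-style naming such as "25.09-py3", or a release
# branch name such as "r25.09". Both start with a YY.MM release number.
_RELEASE = re.compile(r"^r?(\d{2})\.(\d{2})(?:$|[-.])")


def triton_release(image_ref):
    """Return (YY, MM) parsed from an image reference or release tag, else None."""
    ref = image_ref.split("@", 1)[0]   # drop a trailing @sha256 digest, if any
    last = ref.rsplit("/", 1)[-1]      # a ':' before this part is a registry port
    tag = last.rsplit(":", 1)[1] if ":" in last else last
    m = _RELEASE.match(tag)
    return (int(m.group(1)), int(m.group(2))) if m else None


def classify(image_ref):
    """Return 'affected', 'fixed', or 'unknown' for one image reference."""
    rel = triton_release(image_ref)
    if rel is None:
        # Digest-pinned, untagged, "latest" or custom tags cannot be judged
        # from the name alone and need a manual check of the running server.
        return "unknown"
    return "affected" if rel < FIXED else "fixed"


def audit(images):
    """Map every image reference in an inventory to its status."""
    return {img: classify(img) for img in images}


# Constructed sample inventory (not taken from the advisory).
SAMPLE_INVENTORY = [
    "nvcr.io/nvidia/tritonserver:25.09-py3",
    "nvcr.io/nvidia/tritonserver:25.10-py3",
    "registry.example.internal:5000/ml/tritonserver:24.12-py3",
    "nvcr.io/nvidia/tritonserver:latest",
    "nvcr.io/nvidia/tritonserver@sha256:" + "0" * 64,
]

if __name__ == "__main__":
    for img, status in audit(SAMPLE_INVENTORY).items():
        print(f"{status:9} {img}")
```

Treat every `unknown` result as unpatched until the release of the running server has been confirmed.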
In addition to patching, organizations should review NVIDIA’s Secure Deployment Considerations Guide to implement further security measures. Administrators are encouraged to assess network access controls, ensuring that Triton deployments are not directly exposed to untrusted networks. Implementing stronger authentication mechanisms and rate limiting can further enhance security.
NVIDIA maintains a comprehensive security program through its Product Security Incident Response Team (PSIRT). Administrators with questions should contact NVIDIA Support directly or visit its official security portal for additional guidance.