Nvidia Patches ‘Critical’ AI Vulnerabilities in Triton Servers

- Nvidia fixes AI vulnerabilities endangering 25,000+ corporate users. - Critical flaws could enable full server takeovers, warns Wiz. On August 4, 2025, Cointelegraph reported that Nvidia patched critical vulnerabilities in its Triton AI inference server, which could have allowed attackers to compromise AI models, steal data, and manipulate outputs. Cybersecurity firm Wiz discovered the vulnerabilities, identifying them as CVE-2025-23319, CVE-2025-23320, and CVE-2025-23334. If exploited, these security flaws could let attackers remotely gain full control of affected servers, access sensitive data, and distort AI-generated outcomes. The attack sequence starts with a minor information leak that can escalate into a complete system compromise, posing a significant risk since major corporations like Microsoft, Amazon, Oracle, Siemens, and American Express widely utilize Triton, an open-source software for deploying AI models. In a 2021 press release, Nvidia stated that over 25,000 companies rely on its AI infrastructure. Wiz researchers outlined several harmful outcomes from exploiting these vulnerabilities, including model theft, data breaches, response manipulation, and network pivoting to attack other systems. To address these security gaps, Nvidia emphasized the urgency of updating to the latest version, 25.07. While there is currently no evidence that attackers have exploited these vulnerabilities in real-world attacks, Nvidia’s update serves as a preventive measure to mitigate these risks and secure its widely-used AI platform.