This creates a false sense of security, as attackers can still abuse services or pivot to internal systems through poorly isolated Triton Inference Server instances. Trend Micro researchers uncovered two vulnerabilities-CVE-2025-23242 and CVE-2025-23243-stemming from misconfigured deployments that expose Riva’s gRPC and Triton Inference Server endpoints to the public internet. Attackers exploiting these flaws could access sensitive APIs without credentials, leveraging exposed ports (50051 for gRPC, 8000–8002 for Triton) to execute arbitrary inference requests. Trend Micro identified memory corruption risks in unpatched Triton versions, where malformed inference requests could trigger buffer overflows-a vector for remote code execution. Trend Micro analysts noted that the root cause lies in Riva’s default container configurations, which bind services to all network interfaces (0.0.0.0) without enforcing client authentication. A critical security flaw in NVIDIA’s Riva framework, an AI-powered speech and translation service, has left cloud environments vulnerable to unauthorized access and exploitation. “Even when organizations enable SSL/TLS for encrypted communications, the absence of mutual authentication allows anyone to connect to secured endpoints,” explained Alfredo Oliveira, a lead researcher at Trend Micro’s Zero Day Initiative. Administrators must also reconfigure security groups to restrict ingress traffic to trusted IPs and enforce role-based access controls (RBAC) on Triton endpoints. This is exacerbated by Riva containers running with elevated privileges, allowing successful attackers to escalate access to underlying Kubernetes clusters or cloud instances. Compounding the risk, Riva’s internal Triton Inference Server endpoints remain exposed through ports 8000–8002. Attackers can directly interact with Triton’s HTTP/REST and gRPC APIs to execute inference requests or probe for model vulnerabilities. These flaws enable threat actors to bypass authentication, abuse GPU resources, and potentially steal proprietary AI models or disrupt services through denial-of-service (DoS) attacks. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The vulnerabilities predominantly affect Linux-based deployments running Riva versions up to 2.18.0, which lack proper SSL/TLS configuration and network isolation. However, Trend Micro’s analysis revealed that even secured configurations fail to validate client certificates, allowing unauthenticated access. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. This oversight enables attackers to bypass payment systems tied to API keys and abuse GPU resources for cryptomining or adversarial model training.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 29 Apr 2025 14:50:11 +0000