NVIDIA has issued a critical security update addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute malicious code and escalate privileges on affected systems.
The vulnerabilities, tracked as CVE-2025-23361 and CVE-2025-33178, both carry a CVSS score of 7.8 and affect all versions of the NeMo Framework before version 2.5.0 across all platforms.
NVIDIA NeMo Framework Vulnerabilities
The first vulnerability, CVE-2025-23361, exists in a framework script: maliciously crafted input supplied by an attacker can lead to improper control of code generation (CWE-94).
The second flaw, CVE-2025-33178, resides in the Bert services component and enables code injection through malicious data.
Both vulnerabilities share the same attack vector and require local access with low privileges.
| CVE ID | Description | CVSS Score | CWE |
|---|---|---|---|
| CVE-2025-23361 | Improper control of code generation in framework script | 7.8 | CWE-94 |
| CVE-2025-33178 | Code injection in Bert services component | 7.8 | CWE-94 |
Successful exploitation could result in code execution, privilege escalation, information disclosure, and data manipulation, posing significant risks to organizations using the framework.
The vulnerabilities were discovered and reported by security researchers from TencentAISec and NISL lab at Tsinghua University, highlighting the importance of collaborative security research.
All versions of the NVIDIA NeMo Framework before 2.5.0 are vulnerable, regardless of operating system or platform. Organizations using earlier software branch releases are also at risk and should upgrade immediately.
NVIDIA recommends that users clone or update to the NeMo Framework version 2.5.0 or later, available from the official NVIDIA GitHub repository and the PyPI package manager.
The company emphasizes that users on earlier branch releases should upgrade to the latest branch version.
Organizations should assess their specific configurations and apply the security update promptly to mitigate potential exploitation risks.
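The advisory's only stated mitigation is an upgrade to NeMo Framework 2.5.0 or later, so an inventory check comes down to comparing the installed version against that fixed version. The following is an added example, not code from NVIDIA or the article; it assumes the framework is installed from PyPI under the distribution name `nemo_toolkit` and uses a simplified ordering for pre-release and dev versions so that, for instance, `2.5.0rc1` still counts as earlier than `2.5.0`.

```python
import re
from importlib import metadata

# Fixed version per the advisory: every NeMo Framework release before 2.5.0 is affected.
FIXED_VERSION = "2.5.0"
# Assumed PyPI distribution name for the NeMo Framework; adjust if your install differs.
DIST_NAME = "nemo_toolkit"

_VERSION_RE = re.compile(
    r"^v?(?P<release>\d+(?:\.\d+)*)"         # release segment, e.g. 2.5.0
    r"(?:(?P<pre>a|b|rc)(?P<prenum>\d*))?"  # optional pre-release, e.g. rc1
    r"(?:\.post\d+)?"                       # post-releases order like the final release
    r"(?P<dev>\.dev\d*)?"                   # dev builds order before everything else
    r"(?:\+.*)?$",                          # local suffix (e.g. +cuda12) is ignored
    re.IGNORECASE,
)

def parse_version(text):
    """Turn a version string into a sortable tuple: (release, rank, pre-release number).

    Simplified ordering: dev < alpha < beta < rc < final, so 2.5.0rc1 < 2.5.0.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    release = tuple(int(p) for p in m.group("release").split("."))
    while len(release) < 3:          # pad so 2.5 and 2.5.0 compare equal
        release += (0,)
    if m.group("dev"):
        return (release, -2, 0)
    pre = m.group("pre")
    if pre is None:
        return (release, 2, 0)       # final release ranks highest
    rank = {"a": -1, "b": 0, "rc": 1}[pre.lower()]
    return (release, rank, int(m.group("prenum") or 0))

def is_vulnerable(installed):
    """True when the installed NeMo Framework version is before the 2.5.0 fix."""
    return parse_version(installed) < parse_version(FIXED_VERSION)

def check_installed(dist_name=DIST_NAME):
    """Inspect the local environment; returns None when the distribution is absent."""
    try:
        installed = metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return None
    return {"version": installed, "vulnerable": is_vulnerable(installed)}

if __name__ == "__main__":
    result = check_installed()
    if result is None:
        print(f"{DIST_NAME} is not installed in this environment")
    else:
        status = "VULNERABLE, upgrade to >= 2.5.0" if result["vulnerable"] else "patched"
        print(f"{DIST_NAME} {result['version']}: {status}")
```

Run it inside each Python environment that hosts NeMo (containers included), since a single host may carry several independent installs.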