PT-2025-39263 · Nvidia · Nvidia Megatron-Lm

Hao Fan

Publicado

2025-09-22

Atualizado

2025-10-10

CVE-2025-23354

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron-LM (affected versions not specified)

Description The software contains a flaw in the ensemble classifer script that could allow an attacker to inject malicious data. Successful exploitation of this issue may result in code execution, privilege escalation, information disclosure, and data tampering.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

BDU:2025-12633

CVE-2025-23354

Produtos afetados

Nvidia Megatron-Lm

PT-2025-39263 · Nvidia · Nvidia Megatron-Lm

CVE-2025-23354

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9