Platform
python
Component
megatron-lm
Fixed in
0.12.1
CVE-2025-23264 describes a code injection vulnerability discovered in NVIDIA Megatron-LM, a framework for large language model training. An attacker can exploit this flaw by providing a malicious file, potentially leading to severe consequences. This vulnerability affects all versions of Megatron-LM prior to 0.12.0. A patch is available in version 0.12.0.
Successful exploitation of CVE-2025-23264 allows an attacker to inject and execute arbitrary code within the Megatron-LM environment. This could result in complete system compromise, including unauthorized access to sensitive training data, modification of model parameters, and even the deployment of malicious models. The potential for privilege escalation is significant, as the attacker could gain control over the underlying system running Megatron-LM. Data tampering could also occur, leading to inaccurate or biased model outputs. The blast radius extends to any system utilizing vulnerable versions of Megatron-LM for training or inference.
CVE-2025-23264 was publicly disclosed on 2025-06-24. The vulnerability's impact, allowing arbitrary code execution, shares similarities with other code injection vulnerabilities, though no active campaigns or public proof-of-concept exploits are currently known. Its inclusion in the NVIDIA security advisory indicates a potential for widespread impact given the framework's use in large-scale AI training environments. The EPSS score is pending evaluation.
Exploit Status
EPSS
0.04% (12% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-23264 is to upgrade to NVIDIA Megatron-LM version 0.12.0 or later. If an immediate upgrade is not feasible, carefully scrutinize all file inputs to the Megatron-LM framework. Implement strict input validation and sanitization routines to prevent the execution of malicious code. Consider using a Web Application Firewall (WAF) to filter potentially harmful file uploads. While a direct detection signature is difficult to create, monitor system logs for unusual process execution or file modifications related to the Megatron-LM installation directory. After upgrading, confirm the fix by attempting to trigger the vulnerability with a known malicious file and verifying that it is blocked.
Actualice NVIDIA Megatron-LM a la versión 0.12.0 o posterior. Esto corregirá la vulnerabilidad de inyección de código. Consulte el aviso de seguridad de NVIDIA para obtener más detalles.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-23264 is a code injection vulnerability affecting NVIDIA Megatron-LM versions before 0.12.0. An attacker can inject malicious code through a crafted file, potentially leading to code execution and data compromise.
You are affected if you are using NVIDIA Megatron-LM versions prior to 0.12.0. Check your installed version and upgrade immediately if vulnerable.
Upgrade to NVIDIA Megatron-LM version 0.12.0 or later. If immediate upgrade isn't possible, implement strict input validation and consider a WAF.
As of the current disclosure date, there are no confirmed reports of active exploitation, but the potential for exploitation exists given the vulnerability's nature.
Refer to the official NVIDIA security advisory published on their website for detailed information and mitigation guidance.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.