Platform
nvidia
Component
nemo-framework
Fixed in
2.5.2
CVE-2025-33204 affects the NVIDIA NeMo Framework, a platform for building and deploying large language models (LLMs). This vulnerability allows an attacker to inject malicious code through crafted data, potentially leading to severe consequences. Versions of the framework prior to 2.5.1 are affected. A patch is available in version 2.5.1.
The core of this vulnerability lies in the NLP and LLM components of NeMo Framework. An attacker can craft malicious data that, when processed by the framework, results in code injection. This injection can then be leveraged to execute arbitrary code on the system running the framework. The potential impact is significant, including privilege escalation, allowing an attacker to gain higher-level access. Data disclosure is another serious risk, as an attacker could potentially access sensitive information processed by the framework. Furthermore, the attacker could tamper with data, corrupting models or manipulating outputs. The blast radius extends to any system utilizing vulnerable versions of NeMo Framework for NLP or LLM tasks.
As of the publication date (2025-11-25), this CVE has not been added to the CISA KEV catalog. Public proof-of-concept (PoC) code is currently unavailable, suggesting a lower probability of immediate exploitation. However, the potential for code execution warrants careful attention. The vulnerability's impact on LLM applications makes it a potentially attractive target for sophisticated attackers.
Exploit Status
EPSS
0.03% (8% percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade to NVIDIA NeMo Framework version 2.5.1 or later. If an immediate upgrade is not feasible due to compatibility issues or breaking changes, consider implementing input validation and sanitization on all data processed by the framework. Specifically, carefully scrutinize data sources and implement robust checks to prevent the injection of malicious code. While a direct WAF rule is unlikely to be effective, network segmentation can limit the potential impact of a successful exploit. Monitor system logs for unusual activity, particularly processes attempting to execute code from unexpected locations. After upgrading, confirm the fix by attempting to process known malicious data samples and verifying that code injection is prevented.
Actualice NVIDIA NeMo Framework a la versión 2.5.1 o posterior. Esto corregirá la vulnerabilidad de inyección de código. Consulte las notas de la versión para obtener instrucciones detalladas sobre la actualización.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-33204 is a vulnerability in NVIDIA NeMo Framework versions prior to 2.5.1 that allows an attacker to inject malicious code through crafted data, potentially leading to code execution and data compromise.
You are affected if you are using NVIDIA NeMo Framework versions prior to 2.5.1. Check your installed version and upgrade if necessary.
Upgrade to NVIDIA NeMo Framework version 2.5.1 or later. If immediate upgrade is not possible, implement strict input validation and sanitization.
As of the publication date, there is no confirmed active exploitation, but the potential for code execution warrants vigilance.
Refer to the NVIDIA security bulletin for detailed information and updates: [https://www.nvidia.com/en-us/security/cve/CVE-2025-33204](https://www.nvidia.com/en-us/security/cve/CVE-2025-33204)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.