CVE-2025-33255

NVIDIA TRT-LLM, a software library for optimizing and deploying large language models, contains a vulnerability in its Message Passing Interface (MPI) server component. The flaw is an unsafe deserialization issue, where the server does not properly validate serialized data before reconstructing objects. This can allow an attacker to inject malicious data that triggers unintended behavior during the deserialization process [1].

Attack

Vector An attacker can exploit this vulnerability by sending crafted serialized data to the MPI server. The attack does not require authentication or privileged network access, as the MPI server listens for connections by default. The attacker must be able to reach the MPI server port, which is typically exposed within a cluster or trusted network. Successful exploitation can be achieved without any user interaction [1].

Impact

The vulnerability carries a CVSS v3 base score of 7.5 (High). A successful exploit could lead to arbitrary code execution, denial of service, data tampering, or information disclosure. The impact is particularly severe in multi-tenant environments where the MPI server handles untrusted data, as it could enable lateral movement or compromise of the entire inference system [1].

Mitigation

NVIDIA has not yet released a security update for this vulnerability as of the publication date (2026-05-20). Users should monitor the NVIDIA security bulletin page for patches. As a workaround, restrict network access to the MPI server using firewall rules or segmentation, and apply input validation if custom deserialization routines are used [1].