EUVD-2025-208974

| CVE-2025-33247 HIGH
2026-03-24 nvidia GHSA-qm3j-hh5g-jmq2
7.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 24, 2026 - 20:31 euvd
EUVD-2025-208974
Analysis Generated
Mar 24, 2026 - 20:31 vuln.today
CVE Published
Mar 24, 2026 - 20:23 nvd
HIGH 7.8

Tags

RCE Information Disclosure Nvidia Deserialization

Description

NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

Analysis

NVIDIA Megatron LM contains an insecure deserialization vulnerability (CWE-502) in its quantization configuration loading mechanism that enables remote code execution. Attackers with local access and low privileges can exploit this flaw to execute arbitrary code, escalate privileges, disclose sensitive information, and tamper with data. The vulnerability has a CVSS score of 7.8 and affects all versions of NVIDIA Megatron LM based on available CPE data.

Technical Context

NVIDIA Megatron LM is a large-scale transformer model training framework used for natural language processing tasks. The vulnerability stems from unsafe deserialization (CWE-502) during the loading of quantization configuration files. Insecure deserialization occurs when untrusted data is used to reconstruct objects without proper validation, allowing attackers to inject malicious serialized objects that execute arbitrary code when deserialized. The affected product is identified via CPE as cpe:2.3:a:nvidia:megatron_lm:*:*:*:*:*:*:*:*, indicating all current versions are vulnerable. Quantization is a model compression technique, and the configuration loading process for this feature appears to lack input validation, creating an attack surface where malicious configuration files can be crafted to exploit the deserialization mechanism.

Affected Products

NVIDIA Megatron LM is affected across all versions as indicated by the CPE string cpe:2.3:a:nvidia:megatron_lm:*:*:*:*:*:*:*:* where the asterisk denotes all versions are vulnerable. The official NVIDIA security advisory provides detailed information and is available at https://nvidia.custhelp.com/app/answers/detail/a_id/5769. Organizations using NVIDIA Megatron LM for large language model training should consult this advisory for specific version information and confirmation of their deployment's vulnerability status.

Remediation

Consult the official NVIDIA security advisory at https://nvidia.custhelp.com/app/answers/detail/a_id/5769 for patches and updated versions of Megatron LM that address this deserialization vulnerability. Until patching is completed, implement defense-in-depth controls including restricting access to quantization configuration files through file system permissions, validating and sanitizing all configuration inputs before processing, limiting local system access to only trusted users, and monitoring for suspicious configuration file modifications or unexpected process behavior. Organizations should also review access controls on systems running Megatron LM and implement principle of least privilege to reduce the attack surface, as the vulnerability requires local authenticated access to exploit.

Priority Score

39
Low Medium High Critical
KEV: 0
EPSS: +0.3
CVSS: +39
POC: 0

Share

EUVD-2025-208974 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy