MDR
Solutions
Partners
About
Resources
Multiple vulnerabilities have been identified in NVIDIA CUDA Toolkit and NVIDIA Merlin Transformers4Rec affecting Windows and Linux platforms. The issues include OS command injection, insecure DLL search path handling, and arbitrary code execution conditions. Affected CUDA Toolkit versions include all releases up to and including 13.1. NVIDIA Merlin Transformers4Rec is impacted in versions that do not include commit 27ddd49. No exploitation in the wild has been reported.
CVE-2025-33228
CVE-2025-33229
CVE-2025-33230
CVE-2025-33231
CVE-2025-33233
Targeting / Delivery Mechanism
Exploitation scenarios vary by component. Certain vulnerabilities require manual execution of scripts or installers with maliciously crafted input, while others rely on insecure DLL search paths that allow attackers to place rogue DLL files in accessible directories. Merlin Transformers4Rec is susceptible to code injection through crafted input that is improperly handled by the application.
Execution Technique
The primary weaknesses include OS command injection in scripts and installers, uncontrolled DLL search path elements on Windows, and code injection within machine learning components. These flaws allow attacker-controlled data or files to be executed within the context of the vulnerable application.
Persistence / Deployment
Successful exploitation could enable arbitrary code execution with application-level privileges. Attackers may escalate privileges, modify configurations, deploy backdoors, or tamper with system or model data to maintain access.
Operational Impact
Severity ranges from Medium to High. Successful exploitation may result in code execution, privilege escalation, denial of service, information disclosure, or data tampering. Development environments and shared compute systems running CUDA Toolkit or Merlin workloads are particularly at risk where elevated permissions are present.
Validate Integrity
Identify systems running NVIDIA CUDA Toolkit or Merlin Transformers4Rec. Confirm CUDA Toolkit installations are updated beyond vulnerable builds and ensure Merlin deployments include commit 27ddd49. Review logs for suspicious installer activity, abnormal script execution, or unexpected DLL loading behaviour.
Respond to Confirmed Compromise
Isolate affected systems immediately. Upgrade to vendor-patched versions. Review executed commands, file changes, and account modifications. Remove malicious artifacts and rebuild systems if compromise scope cannot be confidently contained.
Strengthen Preventative Controls
Upgrade to the latest supported versions from NVIDIA. Apply least privilege to development and production systems. Restrict write permissions to application directories to mitigate DLL hijacking. Use vulnerability management and application control tooling to detect unauthorised execution attempts.
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5755
https://nvidia.custhelp.com/app/answers/detail/a_id/5761
Trusted by clients worldwide
Led by human expertise and powered by the VisionX platform, we provide you with a 24/7 unbeatable Managed Detection & Response capability giving you transparent and consolidated security solutions.
.jpg)