AI and ML, Potential Risk of CVE

2025-23316 and CVE-2025-23268: About NVIDIA Triton Inference Server (18th Sep 2025)

Leave a comment

Preface: AI deployment is accelerated by hardware advancements (especially GPUs), ML platforms and MLOps for automation, the use of pre-trained models via transfer learning, containerization and orchestration for scalability, cloud infrastructure providing on-demand resources, and industry collaborations and specialized data partners to streamline various stages of the AI lifecycle.

Background: NVIDIA Triton Inference Server is an open-source inference serving platform whose primary goal is to simplify and accelerate the deployment of AI models in production environments. It aims to provide a unified platform capable of serving models from various machine learning frameworks, such as TensorFlow, PyTorch, ONNX Runtime, and custom backends, enabling flexibility and interoperability.

The “model name” parameter in NVIDIA Triton Inference Server is a crucial identifier used to specify which model a client wishes to interact with for inference requests.

Client API Usage: When using Triton client libraries (e.g., tritonclient[.]grpc or tritonclient[.]http), the model_name parameter is typically a required argument in functions used to send inference requests.

Both backends (Python and DALI) are part of Triton’s modular architecture. The Python backend often acts as a wrapper or orchestrator for other backends, including DALI.

Vulnerability details:

CVE-2025-23316 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering.

CVE-2025-23268 VIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploit of this vulnerability may lead to code execution.

Official announcement: Please see the link for details –

https://nvidia.custhelp.com/app/answers/detail/a_id/5691

Uncategorized

Phoenix: Rowhammer Attacks on DDR5 Memory – AMD ID: AMD-SB-7048 (17-09-2025)

Leave a comment

Preface: The researchers behind the related “ZenHammer” work found that using traditional timing side-channel methods for synchronization was less reliable on AMD Zen platforms compared to Intel CPUs. The Phoenix attack was designed to overcome these challenges using a “self-correcting” technique.

Background: Phoenix attack does not use XOR or similar software-level bit manipulation. Instead, it exploits physical properties of DRAM cells — flipping bits by repeatedly accessing adjacent rows (hammering), which causes electrical interference. The “Phoenix” attack, a system-level Rowhammer attack against DDR5 memory, requires monitoring timing to maintain synchronization with the memory’s refresh commands, which are essential for the attack’s success and for triggering bit flips despite mitigations like Targeted Row Refresh (TRR). The attack uses a “self-correcting” synchronization method that realigns the hammer pattern whenever a missed refresh is detected, allowing it to remain synchronized over long periods and bypass defenses that would otherwise prevent bit flips.

A CPU/GPU bit flip is an unintentional change of a digital bit’s value (from 0 to 1, or 1 to 0) within the Central Processing Unit (CPU) or Graphics Processing Unit (GPU). These errors can stem from hardware malfunctions, electromagnetic interference, cosmic rays, or manufacturing defects, potentially leading to incorrect calculations, data corruption, or system crashes. Modern processors often use techniques like Error Correcting Code (ECC) to detect and fix these errors, especially in high-assurance environments.

Vulnerability details: Researchers were able to use rowhammering techniques on DDR5 memory to obtain bitflips in order to escalate privileges.AMD believes this to be a memory issue. Susceptibility to rowhammer attacks varies based on the DRAM device, vendor, technology, and system settings. AMD recommends contacting your DRAM or system manufacturer to determine susceptibility.

Official announcement: Please refer to the link for more details –

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7048.html

IoT, Potential Risk of CVE

CVE-2024-45434 was published on September 12, 2025. You may have heard about it in popular cybersecurity magazine back in July of this year. Let’s take a closer look at it today. (16-09-2025)

Leave a comment

Preface: If an SDK contains a use-after-free (UAF) vulnerability, the consequences can range from minor data corruption and program crashes to severe security issues like arbitrary code execution, information leakage, and privilege escalation, as the vulnerability allows attackers to manipulate previously freed memory, leading to system instability or full compromise.

Background: Classic and Low Energy devices use different hardware and software stacks: Bluetooth® Classic devices can´t communicate with Bluetooth® Low Energy and vice versa.  As for some applications, the power consumption of Bluetooth® Classic is still too high.  The Bluetooth® SIG developed a standard lower power consumption to overcome this obstacle.

Vulnerability details: OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of an object before performing operations on the object (aka use after free). An attacker can leverage this to achieve remote code execution in the context of a user account under which the Bluetooth process runs.

This vulnerability was part of a broader exploit chain called PerfektBlue, which affected millions of vehicles from:

  • Volkswagen (ICAS3)
  • Mercedes-Benz (NTG6)
  • Škoda (MIB3)
  • And an unnamed OEM

Attackers could:

  • Send crafted AVRCP packets post-pairing
  • Trigger the use-after-free
  • Overwrite function pointers
  • Achieve remote code execution (RCE) in the infotainment system

Official announcement: Please see the link for details –

https://www.tenable.com/cve/CVE-2024-45434

Cell Phone (iPhone, Android, windows mobile), IoT, Potential Risk of CVE

A quick look at branch predictor isolation in KVM-QEMU

Leave a comment

Preface: AMD SoCs can have KVM virtualization for embedded multicore systems, especially with ARM-based architectures, as KVM supports various architectures including ARM and has been adapted for embedded platforms. While KVM was initially designed for Intel and AMD x86 processors, its flexibility and portability allowed for ports to the ARM architecture, making it suitable for embedded multicore SoCs.

Ref: The AMD Zen5 branch predictor is a major update for the Zen family, featuring a new “two-ahead” design that allows it to predict up to two branches per clock cycle, a significant increase from the previous “one-ahead” limit.

Background: Any modern 64-bit AMD processor with AMD-V (SVM) virtualization support can utilize KVM-QEMU for virtualization, as KVM is integrated into the Linux kernel and requires only these hardware extensions for acceleration. To use KVM, you need to ensure AMD-V is enabled in your system’s firmware (BIOS/UEFI) and that your Linux distribution’s kernel and QEMU packages are installed and configured.

The branch predictor is a hardware component located within the processor that stores prediction data internally to improve performance by guessing the outcome of conditional branches.

It uses Branch History Buffers (BHT) and Branch Target Buffers (BTB) to keep track of past branch outcomes and the addresses of the branch targets, respectively, which are small, fast on-chip structures, not part of the main memory system.

Vulnerability details: Researchers from ETH Zurich discovered that incomplete isolation of the branch predictor state in AMD CPUs (Zen 1–5) allows a malicious guest VM to influence indirect branch prediction in the host, specifically in user-space components like QEMU.

The attack, named VMSCAPE, enables a guest VM to leak memory from the host QEMU process at a rate of 32 bytes/sec, including sensitive data like disk encryption keys.

Official announcement: For details, please refer to the link – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7046.html

AI and ML, Potential Risk of CVE

Point of view – NVIDIA’s NVDebug tool, about CVE-2025-23342 and CVE-2025-23343.  (12th Sep 2025)

Leave a comment

Preface: Debug logs may contain user IDs and passwords to provide diagnostic information for failed login attempts, authentication failures, or to trace user activity within an application, but this is a significant security risk and should be avoided. Security best practices dictate that sensitive information like passwords should never be logged in cleartext. Instead, logging should only include non-sensitive user identifiers to help with troubleshooting without exposing credentials

Background: NVIDIA’s NVDebug tool is part of the broader Nsight Systems tool suite and relies on the NVIDIA Data Center GPU Manager (DCGM) library, specifically utilizing it for data collection and diagnostics to assist in troubleshooting and monitoring NVIDIA GPUs.

  • NVDebug is a tool for debugging and profiling NVIDIA GPUs, particularly in data center environments.
  • DCGM is a library for managing and monitoring NVIDIA GPUs in clusters and data centers.

NVDebug uses the DCGM library to gather essential diagnostic data, logs, and health information from the GPUs, enabling detailed analysis of the system’s state and performance.

Vulnerability details:

CVE-2025-23342: The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering.

CVE-2025-23343: The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering.

Official announcement: Please see the link for details – https://nvidia.custhelp.com/app/answers/detail/a_id/5696

AI and ML, Potential Risk of CVE

The incorrect authorization described in CVE-2025-23256 may be triggered or facilitated by the underlying flaw CVE-2025-38456. (11th Sep 2025)

Leave a comment

Preface:

  • IPMI is a standardized interface for hardware management, operating via the Baseboard Management Controller (BMC).
  • It supports both in-band (local) and out-of-band (remote) access.
  • BlueField’s reliance on OpenIPMI and IPMItool makes it susceptible to kernel-level vulnerabilities.

Background: The Intelligent Platform Management Interface (IPMI) is a standard interface for hardware management used by system administrators to control the devices and monitor the sensors. For these, it is necessary the IPMI Controller called Baseboard Management Controller (BMC) and a manager software (for example, IPMItool). It provides an interface to manage IPMI functions in a local (in-band) or remote (out-of-band) system.

Vulnerability details:

This advisory explores a potential causal relationship between two recent vulnerabilities:

  • CVE-2025-23256 – A high-severity vulnerability in the NVIDIA BlueField DPU management interface, allowing local attackers to bypass authorization and modify configurations.

https://nvidia.custhelp.com/app/answers/detail/a_id/5655

  • CVE-2025-38456 – A moderate-severity vulnerability in the Linux IPMI subsystem, involving memory corruption due to mishandled pointers in ipmi_create_user().

https://nvd.nist.gov/vuln/detail/CVE-2025-38456

Recommendations

  1. Patch Kernel IPMI Subsystem: Ensure CVE-2025-38456 is mitigated in all systems running BlueField.
  2. Update BlueField Firmware: Apply NVIDIA’s latest firmware updates addressing CVE-2025-23256.
  3. Audit IPMI Access Controls: Review and restrict local access to /dev/ipmi0 and IPMItool.

Potential Risk of CVE, Under our observation

CVE-2025-9999: About TCP-based client/server Networking feature of PcVue. (9th Sep 2025)

Leave a comment

Preface: PcVue is a well-known and highly regarded SCADA solution, renowned for its innovation and user-friendliness, despite facing competition from larger, more dominant SCADA vendors. While not the most popular solution, PcVue’s strengths in user configuration, advanced HMI functionality, and integration capabilities have solidified its position in the market.

Background: Key Objectives of PcVue SCADA

Supervisory Control and Monitoring: To offer a centralized platform for operators to monitor and control complex industrial processes and large-scale infrastructure in real-time.

Data Acquisition and Analysis: To collect, process, and convert raw data into actionable information, providing operators with relevant alerts, reports, and historical data for informed decision-making.

Vulnerability details: Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the receiving station allowing an attacker to execute unauthorized commands in the application.

Official announcement: Please see the link for details

https://www.pcvue.com/security/#SB2025-4

How to Prevent This:

Input Validation: Never trust client input. Use strict schemas (e.g., JSON Schema).

  • Command Execution Hardening:
  • Avoid os.system() or shell execution.
  • Use safe APIs like subprocess.run() with argument lists.

Authentication & Authorization: Ensure only authorized users can send control commands.

Web Application Firewall (WAF): Detect and block suspicious payloads.

Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

CVE-2025-21484: About Qualcomm – Enhanced Validation of Array Index in Multi-Mode Call Processor (8th Sep 2025)

Leave a comment

Preface: PLMNs are public networks, while private networks (NPNs) serve specific users (such as enterprises). SNPNs (Standalone NPNs) are completely independent, dedicated networks that do not rely on the functionality of public PLMNs.

Background: “Qualcomm Multi-Mode Call Processor” is a component of their Modem-RF system, which is a comprehensive 5G module-RF system designed to provide multi-band, multi-mode connectivity for various devices. These integrated solutions combine the cellular modem, RF transceiver, and RF front-end components to enable 5G, 4G LTE, and legacy cellular network support in a single, cohesive platform.

Each PLMN is identified by a PLMN ID, which includes a country code and mobile network code. The UE uses this ID to distinguish between different PLMNs.

Vulnerability details:

Title – Improper Validation of Array Index in Multi-Mode Call Processor

Description – Memory corruption while selecting the PLMN from SOR failed list.

Vulnerability Type – CWE-129 Improper Validation of Array Index

Official announcement: Please refer to the link for details –

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html

Best Practices
  • Always validate array indices before access.
  • Use safer memory functions or wrappers that include bounds checking.
  • Monitor heap usage and implement memory pressure handling routines.

Science

Myth and Reality (Nibiru in Sumerian Mythology to the Real Version of “3I/ATLAS”) – 5th Sep 2025

Leave a comment

Preface: In 1976, Zecharia Sitchin published The Twelfth Planet, in which Sitchin translation Sumerian texts describing the planet Nibiru.

About the Myth: According to the late Zechariah Sitchin, the planet Nibiru of Sumerian mythology and its periodic close passes by Earth is thought to orbit the sun in an elongated ellipse with a period of 3,600 years.

The earliest evidence of Sumerian civilization began around

5300 BCE, meaning from the earliest point to 2025 CE is approximately 7,325 years. However, if you are referring to the flourishing of the civilization, the period of Sumer from its beginning in the late Neolithic/early Bronze Age around 5300 BCE to its downfall around 1940 BCE was roughly 3,360 years long

Status of 3I/ATLAS (4th Sep 2025)

On September 4, 2025, the interstellar comet 3I/ATLAS was passing through the main asteroid belt, and it could be observed from Earth’s night sky with powerful space telescopes such as NASA’s Webb Space Telescope and Hubble Space Telescope, as well as large amateur telescopes equipped with specialized instruments.., and approaching its closest point to the Sun, which it will reach just inside Mars’s orbit in late October. While it will be unobservable for several weeks due to being too close to the Sun, it will reemerge in early December 2025 and continue its journey.

The Webb and Hubble teams, have observed interstellar object 3I/ATLAS and found it to be outgassing, though the process, or “outgassing,” in this case primarily involves carbon dioxide rather than water, which is a surprising and unusual finding compared to typical comets in our solar system. The team is analyzing data that confirms 3I/ATLAS is an active comet, with outgassing producing a coma of gas.

By analyzing the color of the light, specifically using spectroscopy, astronomers can determine the composition of this expelled material and learn about the object’s origin and the conditions in its home system.

End.

Uncategorized

CVE-2025-21483: About Qualcomm – Enhanced Restriction of Operations within the Bounds of a Memory Buffer

Leave a comment

(5th Sep 2025)

Official Published: 09/01/2025

Preface: The Real-time Transport Protocol (RTP) is an application-layer protocol, typically used over UDP, that facilitates the real-time transmission of media like audio and video over IP networks. While not a component of the modem’s RF (Radio Frequency) system itself, which handles the wireless signal, RTP works with 5G modem-RF systems by providing the actual media data for real-time applications like Voice over LTE (VoLTE) and 5G voice.

Background: RTP works with 5G modem-RF systems by providing the actual media data for real-time applications like Voice over LTE (VoLTE) and 5G voice.

“RTP NALU” refers to the encapsulation of Network Abstract Layer Unit (NALU) into Real-time Transport Protocol (RTP) packets, which is commonly used in H.264 video streaming to transmit data in real-time. NALU is a data unit in H.264 video compression, and RTP is used to encapsulate the NALU so that it can be transmitted over the network and reconstructed at the receiver side.

Vulnerability details: Improper Restriction of Operations within the Bounds of a Memory Buffer in Data Network Stack & Connectivity.

Description: Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.

Technology Area: Data Network Stack & Connectivity.

Vulnerability Type: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer.

Why the 5G Modem-RF System Is Involved?

  • The modem firmware handles real-time media transport, including RTP for VoLTE and 5G voice.
  • RTP/NALU reassembly is part of the low-level packet processing pipeline in the modem.
  • Since this is firmware-level code, it uses manual memory management (C/C++).
  • The vulnerability allows attackers to send malformed RTP packets that overflow the buffer, leading to remote code execution at the kernel level.

Official announcement: Please see the link for details –

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html

antihackingonline.com