Researchers have uncovered significant security vulnerabilities in NVIDIA Riva, a breakthrough AI speech technology platform used for transcription, voice assistants, and conversational AI.
The flaws, now formally recognized as CVE-2025-23242 and CVE-2025-23243, expose enterprise users to potential unauthorized access and resource theft.
These vulnerabilities stemmed from exposed API endpoints that operated without proper authentication safeguards, creating an expansive attack surface in cloud-deployed implementations.
Security Researchers Identify Two CVEs in NVIDIA’s AI Platform
Security researchers discovered a pattern of exposed NVIDIA Riva API endpoints across multiple organizations deployed in cloud environments.
The vulnerabilities were disclosed through Trend Zero Day Initiative™ (ZDI) and documented as ZDI-25-145 and ZDI-25-144.
The research identified 54 unique IP addresses with exposed NVIDIA Riva services, all belonging to various cloud service providers, highlighting the widespread nature of the security oversight.
These vulnerabilities would allow unauthorized users to access Riva services without payment, potentially using expensive hardware resources and paid API keys.
Exposed API Endpoints Create Significant Security Risks
The core issue stems from NVIDIA Riva’s default configuration, which exposes multiple ports from the container to the host, listening on all IP addresses (0.0.0.0).
This network setting is equivalent to the docker --network host parameter and, without proper firewall settings, makes the service accessible to everyone.
Furthermore, even when TLS/SSL certificates are implemented, the gRPC server only encrypts traffic between client and server without verifying client identity, creating a false sense of security.
The problem is compounded by additional exposed ports that allow access to the underlying Triton Inference Server, which can be directly targeted, bypassing any security controls implemented at the Riva server level.
Key risks associated with these exposures include:
- Unauthorized access to expensive GPU resources and paid API keys.
- Increased risk of data leakage and intellectual property theft, especially for organizations running proprietary AI models.
- Susceptibility to denial-of-service (DoS) and memory attacks against the Triton Inference Server.
- Potential disclosure of underlying service information, making systems easier targets for attackers.
Recommended Mitigation Strategies for Administrators
Organizations using NVIDIA Riva are advised to implement several security measures to reduce risk:
- Deploy a secure API gateway to control access to gRPC or REST API endpoints.
- Apply network segmentation to restrict access to trusted networks only.
- Enforce strong authentication mechanisms and role-based access control, following zero-trust approaches.
- Review container settings to disable unnecessary services, remove unused ports, and restrict privileged execution.
- Enable comprehensive logging and monitoring to detect unusual access patterns or abuse.
- Implement rate limiting and request throttling, particularly for externally exposed endpoints.
- Keep all components of the Riva framework and Triton Inference Server up to date to mitigate known vulnerabilities.
- Use tools like Trend Vision One Cloud Risk Management to proactively detect and prevent insecure default settings.
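
As a starting point for the container-settings review above, this added example (not from the original article or from NVIDIA) reads `docker inspect` JSON and reports containers that use host networking or publish ports on all interfaces. The container names and port numbers in the sample are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample shaped like `docker inspect` output; names and ports are illustrative.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/riva-speech",
     "HostConfig": {"NetworkMode": "bridge"},
     "NetworkSettings": {"Ports": {
         "50051/tcp": [{"HostIp": "0.0.0.0", "HostPort": "50051"}],
         "8001/tcp": [{"HostIp": "", "HostPort": "8001"}],
         "8002/tcp": [{"HostIp": "127.0.0.1", "HostPort": "8002"}],
         "8000/tcp": None}}},
    {"Name": "/riva-hostnet",
     "HostConfig": {"NetworkMode": "host"},
     "NetworkSettings": {"Ports": {}}},
])


def is_wildcard(host_ip):
    """True when a binding listens on every interface (0.0.0.0, :: or empty)."""
    if not host_ip:
        return True  # an empty HostIp is treated conservatively as "all interfaces"
    return ipaddress.ip_address(host_ip).is_unspecified


def audit(inspect_json):
    """Return (container, finding) tuples for bindings reachable on all interfaces."""
    findings = []
    for c in json.loads(inspect_json):
        name = c.get("Name", "?").lstrip("/")
        if c.get("HostConfig", {}).get("NetworkMode") == "host":
            findings.append((name, "host networking: every listening port is on the host"))
            continue
        ports = c.get("NetworkSettings", {}).get("Ports") or {}
        for container_port, bindings in sorted(ports.items()):
            for b in bindings or []:  # None means exposed but not published
                if is_wildcard(b.get("HostIp", "")):
                    findings.append((name, f"{container_port} published on all "
                                           f"interfaces as host port {b['HostPort']}"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE_INSPECT):
        print(f"{name}: {finding}")
```

To run it against a live host, pass the output of `docker inspect $(docker ps -q)` to `audit()`. A finding means the port is reachable wherever the host firewall and cloud security group allow it, so each one should be checked against those rules.
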
The discovery of these vulnerabilities highlights the critical need for robust security practices when deploying advanced AI systems.
As organizations rapidly adopt powerful speech recognition technologies, overlooking security configurations can lead to unauthorized access and potential service abuse, putting sensitive data and resources at risk.