Wiz Research has identified a severe container escape vulnerability in the NVIDIA Container Toolkit (NCT), designated CVE-2025-23266 with a CVSS score of 9.0. This critical flaw enables malicious containers to bypass isolation protocols and gain root access to host machines, impacting numerous AI services across major cloud providers. The vulnerability, stemming from a misconfiguration in OCI hook handling, poses significant risks, especially in shared GPU environments, allowing attackers to access sensitive data from other users.
To mitigate risks, users are advised to upgrade to the latest NCT version or disable the vulnerable hooks as outlined in NVIDIA’s security bulletin. Organizations should prioritize patching hosts running untrusted container images. This incident underscores the vulnerabilities within the AI infrastructure, emphasizing the need for robust security measures beyond simple container isolation. Regular collaboration between security teams and AI engineers is essential to secure the increasingly complex AI ecosystem.
Source link
