A critical security vulnerability has been identified in Red Hat OpenShift AI that allows authenticated attackers to escalate privileges and control entire clusters. The flaw impacts multiple versions and emphasizes the importance of least privilege policies to prevent complete system breaches. #CVE202510725 #OpenShiftAI
Key points
- The vulnerability is tracked as CVE-2025-10725 with a CVSS score of 9.9 out of 10.
- Exploiting the flaw requires an authenticated account, for example a data scientist using a standard Jupyter notebook.
- The flaw enables privilege escalation from low-privileged users to cluster administrators.
- Impact includes potential data theft, service disruption, and full control over the infrastructure.
- Red Hat recommends avoiding broad permissions for system groups and applying granular access controls.
Read More: https://thehackernews.com/2025/10/critical-red-hat-openshift-ai-flaw.html
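
One way to check a cluster against the recommendation on system groups is to list every ClusterRoleBinding that gives a broad system group a role with write or privilege-granting verbs. This is an added example, not code from Red Hat or the linked article; the group and verb lists are this example's assumptions, and every object name in the sample data is constructed.

```python
# Added example: audit RBAC for broad system groups bound to write-capable roles.
# Input shape follows `oc get clusterrolebindings -o json` / `oc get clusterroles -o json`.

BROAD_GROUPS = {"system:authenticated", "system:authenticated:oauth",
                "system:unauthenticated", "system:serviceaccounts"}
RISKY_VERBS = {"*", "create", "update", "patch", "delete", "deletecollection",
               "bind", "escalate", "impersonate"}

def risky_rules(role):
    """Rules in a ClusterRole that grant a state-changing or privilege-granting verb."""
    return [r for r in role.get("rules") or [] if RISKY_VERBS & set(r.get("verbs", []))]

def audit(bindings, roles):
    """Return (binding, broad groups, role, risky rules) for each finding."""
    by_name = {r["metadata"]["name"]: r for r in roles["items"]}
    findings = []
    for b in bindings["items"]:
        groups = sorted(s["name"] for s in b.get("subjects") or []
                        if s.get("kind") == "Group" and s.get("name") in BROAD_GROUPS)
        rules = risky_rules(by_name.get(b["roleRef"]["name"], {}))
        if groups and rules:
            findings.append((b["metadata"]["name"], groups, b["roleRef"]["name"], rules))
    return findings

def _role(name, verbs, resources):
    # Minimal object: only the fields the audit reads.
    return {"metadata": {"name": name}, "rules": [{"resources": resources, "verbs": verbs}]}

def _binding(name, role, group):
    return {"metadata": {"name": name},
            "roleRef": {"kind": "ClusterRole", "name": role},
            "subjects": [{"kind": "Group", "name": group}]}

# Constructed sample objects; every name below is hypothetical.
SAMPLE_ROLES = {"items": [
    _role("example-viewer", ["get", "list"], ["configmaps"]),
    _role("example-editor", ["create", "patch"], ["deployments"]),
    _role("example-admin", ["*"], ["*"]),
]}
SAMPLE_BINDINGS = {"items": [
    _binding("example-view-all", "example-viewer", "system:authenticated"),
    _binding("example-edit-all", "example-editor", "system:authenticated"),
    _binding("example-admins", "example-admin", "example-platform-team"),
]}

if __name__ == "__main__":
    for name, groups, role, rules in audit(SAMPLE_BINDINGS, SAMPLE_ROLES):
        verbs = sorted({v for r in rules for v in r["verbs"]})
        print(f"{name}: {groups} -> {role} grants {verbs}")
```

On a real cluster, default bindings such as `system:basic-user` will also be reported because they grant `create` on self-review resources, so triage each finding by the resources its rules cover.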