A proof-of-concept (PoC) exploit has been released for a critical remote code execution vulnerability in the Kubernetes Ingress-NGINX controller, tracked as CVE-2025-1974. The vulnerability, uncovered by Wiz, affects the validating admission webhook component and could allow attackers to execute arbitrary code on affected systems, potentially compromising entire Kubernetes clusters.

The exploit targets the validation webhook server, which listens on port 8443 and is responsible for verifying and processing Ingress resources before they are applied to the cluster. By manipulating AdmissionReview requests, attackers can inject malicious configurations and potentially achieve remote code execution. The PoC, demonstrated in a controlled minikube setup, illustrates how a malicious actor could circumvent security controls and run commands on the underlying host system.

The issue is particularly concerning because Ingress-NGINX is one of the most widely used ingress controllers in Kubernetes deployments. The Kubernetes Security Special Interest Group (SIG) has confirmed the vulnerability and is working with the Ingress-NGINX maintainers to ensure proper patching and mitigation guidance.

The exploit highlights the importance of vigilant monitoring and prompt patching in Kubernetes environments, especially for components that process external input, such as ingress controllers.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security.
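As an added illustration (not code from the article or from the Ingress-NGINX project), the following Python snippet parses an AdmissionReview request of the kind the webhook processes and flags nginx annotation values that carry directive-breaking characters, the sort of value a defender would want to catch in admission logs or a pre-check; the character list, the `example-setting` annotation key and the sample request are assumptions constructed for the example.

```python
import json

# Annotation prefix consumed by the ingress-nginx controller.
NGINX_PREFIX = "nginx.ingress.kubernetes.io/"
# Characters that end or open nginx directives/blocks. Flagging them inside an
# annotation value is a heuristic assumed here, not the project's own check.
SUSPICIOUS_CHARS = ("\n", "\r", ";", "{", "}", "#")


def ingress_from_admission_review(raw: str) -> dict:
    """Return the Ingress object carried in an AdmissionReview request,
    or {} when the request concerns some other resource kind."""
    request = json.loads(raw).get("request", {})
    if request.get("kind", {}).get("kind") != "Ingress":
        return {}
    return request.get("object", {})


def suspicious_annotations(ingress: dict) -> list:
    """List nginx annotation keys whose values contain characters that could
    reshape the nginx config the controller generates from them."""
    annotations = ingress.get("metadata", {}).get("annotations", {})
    return sorted(
        key for key, value in annotations.items()
        if key.startswith(NGINX_PREFIX)
        and any(c in str(value) for c in SUSPICIOUS_CHARS)
    )


def audit_admission_review(raw: str) -> list:
    """Parse the request and return the flagged annotation keys."""
    return suspicious_annotations(ingress_from_admission_review(raw))


# Constructed sample request (not a real capture): one ordinary annotation and
# one hypothetical key whose value smuggles a newline plus a fake directive.
SAMPLE_REVIEW = json.dumps({
    "apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
    "request": {
        "kind": {"group": "networking.k8s.io", "version": "v1", "kind": "Ingress"},
        "object": {"metadata": {"name": "demo", "annotations": {
            "nginx.ingress.kubernetes.io/rewrite-target": "/",
            "nginx.ingress.kubernetes.io/example-setting": "ok;\nfake_directive on",
        }}},
    },
})

if __name__ == "__main__":
    print(audit_admission_review(SAMPLE_REVIEW))  # ['nginx.ingress.kubernetes.io/example-setting']
```

Run it against AdmissionReview bodies captured from the webhook's audit logging to get a quick list of Ingress objects worth a closer look.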
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 27 Mar 2025 09:35:17 +0000