Proof-of-Concept Released for Kubernetes Vulnerabilities Exposing Windows Nodes
Proof-of-Concept Released for Kubernetes Vulnerabilities Exposing Windows Nodes
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
Three interconnected high-severity security vulnerabilities have been identified in Kubernetes. These vulnerabilities could potentially be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. Notably, a proof of concept for this vulnerability is a YAML file that includes the execution of a PowerShell command, illustrating the severity of the issue.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.