CRITICAL🇵🇱 Wersja polska

CVE-2025-10725

CVSS 9.9v3.1pub. 2025-09-30upd. 2026-04-15

A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster's confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.

🤖 AI Analysis
How it works

An attacker with access to an authenticated account with low privileges (e.g., a standard platform user account) can exploit improper privilege management (CWE-266) in Red Hat OpenShift AI Service. Exploitation does not require interaction from other users or special configuration conditions — network access to the platform and an active account are sufficient. As a result, the attacker gains administrator rights for the entire OpenShift cluster.

Impact

The attacker achieves complete compromise of the cluster: can steal sensitive data, disrupt or disable all services, and take control of the underlying infrastructure. This results in complete violation of confidentiality, integrity, and availability of the platform and all applications running on it.

Mitigation & patch

Apply patches available from the vendor according to published Red Hat errata: RHSA-2025:16981, RHSA-2025:16982, RHSA-2025:16983, RHSA-2025:16984 and RHSA-2025:17501 available at access.redhat.com

Who is affected

Red Hat OpenShift AI Service — versions indicated in vendor references (errata RHSA-2025:16981, RHSA-2025:16982, RHSA-2025:16983, RHSA-2025:16984, RHSA-2025:17501)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References