A security bug in the widely used Kubernetes container-management system allows attackers to remotely execute code with System privileges on Windows endpoints, potentially leading to full takeover of all Windows nodes within a Kubernetes cluster. Akamai security researcher Tomer Peled discovered the flaw, which is tracked as CVE-2023-5528 and has a CVSS score of 7.2. […]
Following our discovery of a critical loophole in Google Kubernetes Engine (GKE) dubbed Sys:All, we decided to conduct research into the real-world impacts of this issue. Our initial probe already revealed over a thousand vulnerable GKE clusters due to admins configuring RBAC bindings making the system:authenticated group overprivileged, which could potentially allow any Google account […]
Nov 24, 2023NewsroomCloud security / Data Protection Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Yakir Kadkoda and Assaf Morag said in a new research published earlier this week. Some […]
Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Vulnerability scan results Kubescape 3.0 features Kubescape 3.0 adds new features that make it easier for organizations to secure their Kubernetes clusters, including: Compliance and container scan results stored as Kubernetes resources inside API objects: This makes […]
Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows nodes in the Kubernetes cluster. About the vulnerabilities CVE-2023-3676, discovered by Akamai researcher Tomer Peled, is a command injection vulnerability that can be exploited by applying a malicious YAML file on the cluster. “The Kubernetes […]
Two new high-severity Kubernetes vulnerabilities leave all Windows endpoints on an unpatched cluster open to remote code execution (RCE) with system privileges. Akamai has released a new report flagging the two Kubernetes vulnerabilities, and urged system administrators to take immediate steps to mitigate. The find was built on previous research into Windows nodes vulnerability CVE-2023-3676 […]
Sep 13, 2023THNKubernetes / Cloud Security Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. The issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes. Fixes for the […]