Menu
There is a vulnerability that allows remote code execution with SYSTEM privileges on all Windows machines within a Kubernetes cluster. Tracked as CVE-2023-5528 (CVSS score: 7.2), the shortcoming affects all versions of Kubelet, both prior to and after version 1.8.0. A successful exploit of the vulnerability could result in the complete takeover of all Windows nodes in a cluster, and it is worth noting that the web infrastructure company previously disclosed another set of similar vulnerabilities in September 2023.
This vulnerability can only be mitigated by patching Kubernetes, and it should be noted that this vulnerability only affects Windows-based systems. It is not necessary to patch this specific vulnerability if your Kubernetes cluster does not contain any Windows nodes. However, it is important to patch it anyway when you have the opportunity and organizations using Kubernetes in Japan should be careful because successful exploitation could lead to the complete takeover of all Windows nodes within the cluster.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
