PT-2025-40011 · Red Hat · Red Hat OpenShift AI Service

Jon Weiser

·

Published

2025-09-30

·

Updated

2025-10-02

·

CVE-2025-10725

CVSS v3.1
9.9
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift AI versions 2.19 and 2.21

Description: A significant flaw exists in Red Hat OpenShift AI Service that allows a low-privileged, authenticated attacker, such as a data scientist with standard Jupyter notebook access, to escalate to full cluster administrator. The issue stems from an overly permissive ClusterRole configuration: rights intended for a narrow set of users are bound to a broad system group, so every authenticated user of the cluster inherits them. Because the permissions include the ability to create workloads, the attacker can run jobs that execute with far more privilege than the attacker's own account, and from there obtain complete control over the cluster, potentially leading to theft of sensitive data, disruption of services, and full infrastructure takeover. The vulnerability is tracked as CVE-2025-10725 and carries a CVSS v3.1 base score of 9.9.
Recommendations: For versions 2.19 and 2.21, enforce the principle of least privilege. Review and audit existing ClusterRoleBindings so that no ClusterRole granting workload-creation rights (create on jobs, pods, or similar) is bound to broad system groups such as system:authenticated; bind such roles to the named groups or service accounts that actually need them. Monitor for suspicious job-creation activity, in particular Jobs created by users who normally have no reason to run batch workloads.
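The audit step in the recommendations above, as an added example (not Red Hat's tooling or the advisory's own code): the script below walks the objects that `oc get clusterrolebindings,clusterroles -o json` returns, flags every ClusterRoleBinding whose subjects include a broad system group, and marks the ones whose bound ClusterRole can create workloads, which is the escalation path the advisory describes. The embedded sample is constructed for illustration; the role and binding names in it (batch-user-role, batch-user-rolebinding, data-science-team, ds-team) are hypothetical, while system:discovery is the stock Kubernetes binding that every cluster legitimately grants to system:authenticated and is included to show why not every broad binding is a finding.

```python
"""Audit ClusterRoleBindings that hand ClusterRoles to broad system groups.

Added example, not Red Hat's code.  Input is the JSON emitted by
`oc get clusterrolebindings,clusterroles -o json` (a v1 List whose items
are ClusterRoleBinding and ClusterRole objects).  The SAMPLE below is
constructed; its non-system names are hypothetical.
"""
import json
import sys

# Groups that every principal (or every authenticated principal) belongs to.
# Binding a ClusterRole to one of these grants it to the whole cluster.
BROAD_GROUPS = {
    "system:authenticated",
    "system:unauthenticated",
    "system:serviceaccounts",
}

# Write access to any of these resources lets a subject run arbitrary
# workloads, the first step of the job-based escalation in the advisory.
WORKLOAD_RESOURCES = {"jobs", "cronjobs", "pods", "deployments", "*"}
WRITE_VERBS = {"create", "update", "patch", "*"}


def role_allows_workload_creation(role):
    """True if any rule in the ClusterRole grants a write verb on a workload resource."""
    for rule in role.get("rules", []):
        verbs = set(rule.get("verbs", []))
        resources = set(rule.get("resources", []))
        if verbs & WRITE_VERBS and resources & WORKLOAD_RESOURCES:
            return True
    return False


def find_broad_bindings(items):
    """Return (binding, role, [broad groups], allows_workload_creation) per broad binding."""
    roles = {o["metadata"]["name"]: o for o in items if o.get("kind") == "ClusterRole"}
    findings = []
    for obj in items:
        if obj.get("kind") != "ClusterRoleBinding":
            continue
        groups = sorted(
            s["name"] for s in obj.get("subjects", [])
            if s.get("kind") == "Group" and s.get("name") in BROAD_GROUPS
        )
        if not groups:
            continue
        role_name = obj["roleRef"]["name"]
        # A binding to a role that no longer exists grants nothing; treat as not risky.
        risky = role_allows_workload_creation(roles.get(role_name, {}))
        findings.append((obj["metadata"]["name"], role_name, groups, risky))
    return findings


# Constructed sample: one weak binding (the advisory's pattern), one benign
# default binding, and one corrected binding scoped to a named team group.
SAMPLE = {
    "kind": "List",
    "items": [
        {"kind": "ClusterRole", "metadata": {"name": "batch-user-role"},
         "rules": [{"apiGroups": ["batch"], "resources": ["jobs"],
                    "verbs": ["create", "get", "list", "delete"]}]},
        {"kind": "ClusterRole", "metadata": {"name": "system:discovery"},
         "rules": [{"nonResourceURLs": ["/api", "/apis", "/healthz"], "verbs": ["get"]}]},
        # Weak: the whole authenticated group may create Jobs cluster-wide.
        {"kind": "ClusterRoleBinding", "metadata": {"name": "batch-user-rolebinding"},
         "subjects": [{"kind": "Group", "name": "system:authenticated"}],
         "roleRef": {"kind": "ClusterRole", "name": "batch-user-role"}},
        # Benign: read-only API discovery is meant for every authenticated user.
        {"kind": "ClusterRoleBinding", "metadata": {"name": "system:discovery"},
         "subjects": [{"kind": "Group", "name": "system:authenticated"}],
         "roleRef": {"kind": "ClusterRole", "name": "system:discovery"}},
        # Corrected: the same role bound only to the team that needs it.
        {"kind": "ClusterRoleBinding", "metadata": {"name": "data-science-team"},
         "subjects": [{"kind": "Group", "name": "ds-team"}],
         "roleRef": {"kind": "ClusterRole", "name": "batch-user-role"}},
    ],
}


def main():
    # Pipe real cluster output in, or run with no stdin to audit the sample.
    doc = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    for name, role, groups, risky in find_broad_bindings(doc["items"]):
        label = "ESCALATION PATH" if risky else "review"
        print(f"{label}: ClusterRoleBinding/{name} -> ClusterRole/{role} "
              f"bound to {', '.join(groups)}")


if __name__ == "__main__":
    main()
```

Run it as `oc get clusterrolebindings,clusterroles -o json | python3 audit_bindings.py` against a live cluster; on the sample it reports batch-user-rolebinding as an escalation path, lists system:discovery for review only, and says nothing about data-science-team, which is the shape a least-privilege binding should take. The `review` bucket still deserves a look, since a broad binding to a role that only reads secrets or lists namespaces is not a workload-creation path but may still be more than the group needs.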

Tags: Fix, LPE

Weakness Enumeration: Incorrect Privilege Assignment

Related Identifiers: CVE-2025-10725

Affected Products: Red Hat OpenShift AI Service