PT-2025-45512 · Kubevirt+1

Published: 2025-11-06 · Updated: 2026-02-27 · CVE-2025-64434

CVSS v3.1: 6.3 (Medium)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions

KubeVirt versions prior to 1.5.3
KubeVirt versions prior to 1.6.1

Description

KubeVirt is a virtual machine management add-on for Kubernetes. A flaw exists in the peer verification logic within virt-handler via the verifyPeerCert function. An attacker compromising a virt-handler instance could exploit shared credentials to impersonate virt-api and perform privileged operations against other virt-handler instances, potentially compromising the integrity and availability of managed virtual machines.

Recommendations

Update to KubeVirt version 1.5.3 or later.
Update to KubeVirt version 1.6.1 or later.

Exploit

Fix

Weakness Enumeration

Improper Authentication

Related Identifiers

AZL-69796
AZL-69961
CVE-2025-64434
GHSA-GGP9-C99X-54GP
GO-2025-4107
OPENSUSE-SU-2026:20281-1
SUSE-SU-2025:4330-1
SUSE-SU-2026:20551-1
SUSE-SU-2026:20610-1

Affected Products

Kubevirt
Suse