CVE-2023-5528
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2023-5528 is a newly identified vulnerability in Kubernetes that allows users with the ability to create pods and persistent volumes on Windows nodes to potentially escalate their privileges to administrative access. This issue only affects Kubernetes clusters that utilize an in-tree storage plugin for Windows nodes. The exact exploit details are not publicly disclosed yet, but it is recommended that affected organizations apply the latest security patches to mitigate this risk. This vulnerability can lead to serious consequences, including unauthorized access and system compromise.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.