Tag: score:9.9

  • CVE-2025-47284: Critical Privilege Escalation in Gardener via Metadata Injection

    Overview

    On May 19, 2025, a critical security vulnerability was published under the identifier CVE-2025-47284, affecting the Gardener project—a tool used for the automated management of Kubernetes clusters as a service. The issue resides in the gardenlet component and poses a serious risk of privilege escalation due to improper handling of metadata injection.

    What is Gardener?

    Gardener is an open-source project developed by SAP that provides Kubernetes-as-a-Service by automating the provisioning and operation of Kubernetes clusters. It uses a control plane for each managed cluster and supports multi-cloud environments. A component called gardenlet is deployed on seed clusters to manage shoot clusters on behalf of users.

    Vulnerability Details

    The vulnerability arises from improper neutralization of escape, meta, or control sequences, classified as CWE-150. Specifically, metadata injection into project secrets can be exploited by an attacker with administrative privileges over a Gardener project. This enables the attacker to escalate their privileges and gain control over the seed clusters that host the shoot clusters for that project.

    All Gardener installations using the gardener/gardener-extension-provider-gcp module are affected.

    Technical Impact

    • CVSS v3.0 Score: 9.9 (Critical)
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Changed
    • Confidentiality, Integrity, and Availability Impact: High

    The vulnerability can be exploited remotely over the network and requires only low-level privileges within the Gardener project. No user interaction is required. Once exploited, the attacker can manipulate critical cluster management operations and compromise the integrity and availability of managed Kubernetes environments.

    Affected Versions

    • Gardener versions < 1.116.4
    • Gardener 1.117.0 to < 1.117.5
    • Gardener 1.118.0 to < 1.118.2

    Versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 contain patches addressing this issue.

    Mitigation

    It is strongly recommended that users upgrade to the latest patched versions of Gardener as listed above. Immediate action is required for any deployments using the vulnerable gardener-extension-provider-gcp module.

    Conclusion

    CVE-2025-47284 underscores the importance of secure metadata handling in cloud-native platforms. With a near-maximum CVSS score and the potential for full cluster compromise, this flaw should be addressed promptly by all affected users. For more details, refer to the GitHub security advisory.

  • CVE-2025-47283: Critical Privilege Escalation in Gardener Kubernetes Management

    Overview

    On May 19, 2025, a critical vulnerability was disclosed in the Gardener Kubernetes cluster management platform. Identified as CVE-2025-47283, the flaw permits privilege escalation by bypassing project secret validation, potentially allowing a project administrator to gain unauthorized access to the seed cluster(s) responsible for managing shoot clusters.

    This vulnerability is tracked under GHSA-3hw7-qj9h-r835 and has been rated as Critical with a CVSS v3.0 base score of 9.9.

    Technical Details

    The vulnerability stems from improper input validation, categorized under CWE-20: Improper Input Validation. This means that user-supplied data is not properly checked before being processed, allowing potentially malicious input to influence system behavior.

    In the context of Gardener, an administrative user within a project could manipulate secrets associated with their cluster to influence the behavior of the gardenlet component running on the seed cluster. This manipulation enables them to elevate privileges and execute operations outside their intended scope.

    Impact

    This flaw impacts all Gardener installations regardless of the public cloud provider used for the seed or shoot clusters. Exploitation could allow:

    • Unauthorized control over seed clusters
    • Compromise of other tenant clusters
    • Loss of confidentiality, integrity, and availability within the Kubernetes management infrastructure

    The vulnerability has a Changed Scope in the CVSS vector, indicating that an attacker’s access could impact components beyond the initially vulnerable system.

    Affected Versions

    The following versions of gardener/gardener are affected:

    • All versions prior to 1.116.4
    • Versions 1.117.0 through 1.117.4
    • Versions 1.118.0 through 1.118.1

    Mitigation

    Users are strongly advised to upgrade to one of the following patched versions:

    • 1.116.4
    • 1.117.5
    • 1.118.2
    • 1.119.0 or later

    Upgrading ensures that project secret validation is enforced correctly, preventing unauthorized privilege escalation within the system.

    Understanding the Terms

    Gardener is an open-source project developed by SAP that enables the automated management of Kubernetes clusters at scale. It introduces the concept of shoot clusters (end-user Kubernetes clusters) and seed clusters (infrastructure clusters that host shoot clusters).

    CVSS (Common Vulnerability Scoring System) provides a numerical score to indicate the severity of a vulnerability. A score of 9.9 indicates an extremely high risk, especially when no user interaction is required and the attack can be performed remotely.

    CWE-20 represents a category of vulnerabilities arising from improper input validation, a common flaw that can lead to injection, escalation, or arbitrary code execution.

    Conclusion

    CVE-2025-47283 highlights the importance of strict input validation and the risks posed by misconfigured secrets in Kubernetes management platforms. Organizations using Gardener should patch immediately and review their cluster access policies to ensure secure multi-tenancy.

  • CVE-2025-47282: Critical Privilege Escalation in Gardener External DNS Management

    Overview

    A critical security vulnerability identified as CVE-2025-47282 has been disclosed in Gardener External DNS Management, affecting all versions prior to 0.23.6. This flaw allows users with specific administrative privileges to escalate privileges and potentially gain control over seed clusters in Kubernetes environments. The issue is rated with a CVSS v3.0 score of 9.9 (Critical).

    What is Gardener External DNS Management?

    Gardener is a Kubernetes-based system for managing Kubernetes clusters across multiple infrastructures. Its external-dns-management component handles DNS entries for shoot clusters and may also be deployed to seed clusters via the gardener-extension-shoot-dns-service extension.

    Technical Details

    The vulnerability arises from improper input validation (CWE-20). Specifically, a malicious Google credential embedded in a DNS secret can be used by an attacker to inject unintended configurations, potentially allowing the attacker to take over the seed cluster hosting the shoot cluster.

    This applies to users who have administrative privileges over:

    • A Gardener project
    • A shoot cluster
    • A single namespace within a shoot cluster

    If the shoot-dns-service extension is enabled, then all versions ≤ v1.60.0 of this extension are also affected.

    CVSS Breakdown

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Changed
    • Confidentiality/Integrity/Availability Impact: High

    Affected Components

    The following components are impacted:

    • gardener/external-dns-management < version 0.23.6
    • gardener-extension-shoot-dns-service ≤ v1.60.0
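The "Affected Versions" lists for CVE-2025-47284 and CVE-2025-47283 and the "Affected Components" list above all describe version ranges that an operator has to compare against what is actually deployed. The following Python is an added example, not code from the Gardener project or from the advisories: it transcribes those ranges into an OSV-style shape of my own choosing, `(introduced, fixed, last_affected)`, and reports which advisories cover a given package version together with the upgrade target. Because the page gives no fixed version for gardener-extension-shoot-dns-service (only "later than v1.60.0"), that entry records a last affected version instead of a fix. The function and package names (`check`, `in_range`, `"gardener/gardener"`) are assumptions of the example.

```python
"""Check an installed version against the affected ranges on this page.

Added example; not code from the Gardener project or from the advisories.
Ranges are transcribed from the advisory lists above into an OSV-style
tuple (introduced, fixed, last_affected) with exactly one of fixed /
last_affected set. introduced "0" stands for "every earlier version".
"""
import re

# Note: the page scopes CVE-2025-47284 to installations that also use
# gardener-extension-provider-gcp; that extra condition is not modelled here.
ADVISORIES = {
    "CVE-2025-47284": {
        "gardener/gardener": [
            ("0", "1.116.4", None),
            ("1.117.0", "1.117.5", None),
            ("1.118.0", "1.118.2", None),
        ],
    },
    "CVE-2025-47283": {
        "gardener/gardener": [
            ("0", "1.116.4", None),
            ("1.117.0", "1.117.5", None),
            ("1.118.0", "1.118.2", None),
        ],
    },
    "CVE-2025-47282": {
        "gardener/external-dns-management": [("0", "0.23.6", None)],
        # No fixed version on the page, only "later than v1.60.0".
        "gardener-extension-shoot-dns-service": [("0", None, "1.60.0")],
    },
}


def parse_version(text):
    """'v1.117.4' -> (1, 117, 4).

    Accepts an optional leading 'v' and dot-separated numeric components
    only; pre-release or build suffixes raise, so a non-release build is
    never silently compared as if it were a release.
    """
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError("unsupported version string: %r" % text)
    return tuple(int(p) for p in m.group(1).split("."))


def version_lt(a, b):
    """True if version string a sorts before b; shorter tuples are
    zero-padded so '1.117' compares equal to '1.117.0'."""
    x, y = parse_version(a), parse_version(b)
    n = max(len(x), len(y))
    return x + (0,) * (n - len(x)) < y + (0,) * (n - len(y))


def in_range(version, rng):
    """introduced <= version < fixed, or introduced <= version <= last_affected."""
    introduced, fixed, last_affected = rng
    if version_lt(version, introduced):
        return False
    if fixed is not None:
        return version_lt(version, fixed)
    return not version_lt(last_affected, version)


def check(package, version):
    """Return [(cve, remediation), ...] for every advisory on this page
    whose ranges cover the given package version; empty if none do."""
    hits = []
    for cve, packages in ADVISORIES.items():
        for rng in packages.get(package, ()):
            if in_range(version, rng):
                _, fixed, last_affected = rng
                remedy = ("upgrade to %s" % fixed if fixed
                          else "upgrade past %s" % last_affected)
                hits.append((cve, remedy))
                break  # one matching range per advisory is enough
    return hits


if __name__ == "__main__":
    for pkg, ver in [("gardener/gardener", "1.117.4"),
                     ("gardener/gardener", "1.119.0"),
                     ("gardener-extension-shoot-dns-service", "v1.60.0")]:
        print(pkg, ver, check(pkg, ver) or "not covered by the advisories above")
```

Ranges with a `fixed` bound are half-open (the fix version itself is clean), while a `last_affected` bound is inclusive, which is why `v1.60.0` is reported and `v1.60.1` is not; this matches the `<` and `≤` wording used in the lists above.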

    Mitigation

    • Upgrade external-dns-management to version 0.23.6 or later.
    • If using the shoot-dns-service extension, ensure you are using a version later than v1.60.0.
    • Review permissions and secrets to identify possible abuse vectors.

    Conclusion

    This vulnerability underscores the need for strict input validation in infrastructure components and careful handling of credentials in DNS secrets. Administrators should patch their installations immediately to mitigate the risk of privilege escalation in Gardener-managed Kubernetes clusters.

    For more details, refer to the official GitHub advisory.

  • CVE-2025-30390: Critical Privilege Escalation Vulnerability in Azure Machine Learning

    Overview

    On April 30, 2025, Microsoft published details about a critical security vulnerability identified as CVE-2025-30390 in Azure Machine Learning (Azure ML). This vulnerability allows an authorized attacker to escalate privileges over a network, potentially compromising entire machine learning workloads hosted in Azure.

    Technical Details

    This vulnerability is categorized under CWE-285: Improper Authorization. The flaw lies in the insufficient enforcement of authorization checks in Azure ML’s compute environments. A user with limited privileges can exploit the weakness to gain elevated access and potentially perform administrative-level actions.

    The vulnerability is rated CRITICAL with a CVSS v3.1 base score of 9.9. The CVSS vector string is:

    • CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

This score reflects the fact that the attack:

    • Is network-accessible (AV:N)
    • Requires low attack complexity (AC:L)
    • Needs only low privileges (PR:L)
    • Requires no user interaction (UI:N)
    • Has a high impact on confidentiality, integrity, and availability (C:H/I:H/A:H)
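The CVSS breakdown for CVE-2025-47282 above and this one both decode vectors with identical base metrics, and both arrive at 9.9. The following Python is an added example, not code from the advisories, from Gardener, from Microsoft, or from FIRST: it parses a `CVSS:3.0` or `CVSS:3.1` vector string and implements the base and temporal equations from the CVSS v3.1 specification with the published metric weights, so it reproduces both scores on this page. It also shows something the breakdowns do not: the `E:U/RL:O/RC:C` temporal metrics on the Azure ML vector leave the base score at 9.9 but, by the specification's temporal equation, yield a temporal score of 8.6 (a value computed by this example, not stated on the page). Function names (`parse_vector`, `base_score`, `temporal_score`, `roundup`) are the example's own.

```python
"""CVSS v3.0 / v3.1 vector parser and base/temporal score calculator.

Added example for the CVSS breakdowns on this page; it is not code from the
advisories, from Gardener, from Microsoft or from FIRST. Weights and
equations follow the CVSS v3.1 specification; v3.0 uses the same weights
and differs only in its Roundup definition. Environmental metrics are not
supported and are rejected by the parser.
"""
import math
import re

# Metric weights from the CVSS v3.1 specification.
WEIGHTS = {
    "AV": {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.20},
    "AC": {"L": 0.77, "H": 0.44},
    # Privileges Required is (Scope unchanged, Scope changed).
    "PR": {"N": (0.85, 0.85), "L": (0.62, 0.68), "H": (0.27, 0.50)},
    "UI": {"N": 0.85, "R": 0.62},
    "C": {"H": 0.56, "L": 0.22, "N": 0.0},
    "I": {"H": 0.56, "L": 0.22, "N": 0.0},
    "A": {"H": 0.56, "L": 0.22, "N": 0.0},
    # Temporal metrics; "X" (Not Defined) leaves the score unchanged.
    "E": {"X": 1.0, "U": 0.91, "P": 0.94, "F": 0.97, "H": 1.0},
    "RL": {"X": 1.0, "O": 0.95, "T": 0.96, "W": 0.97, "U": 1.0},
    "RC": {"X": 1.0, "U": 0.92, "R": 0.96, "C": 1.0},
}
BASE_METRICS = ("AV", "AC", "PR", "UI", "S", "C", "I", "A")


def parse_vector(vector):
    """Split 'CVSS:3.x/AV:N/...' into (version, {metric: value}).

    Rejects unknown versions, malformed, duplicate or unsupported metrics,
    and vectors missing any of the eight base metrics.
    """
    parts = vector.strip().split("/")
    m = re.fullmatch(r"CVSS:(3\.[01])", parts[0])
    if not m:
        raise ValueError("not a CVSS v3.x vector: %r" % parts[0])
    metrics = {}
    for part in parts[1:]:
        if not re.fullmatch(r"[A-Z]{1,2}:[A-Z]", part):
            raise ValueError("malformed metric %r" % part)
        key, value = part.split(":")
        if key != "S" and key not in WEIGHTS:
            raise ValueError("unsupported metric %r" % key)
        if key in metrics:
            raise ValueError("duplicate metric %r" % key)
        metrics[key] = value
    missing = [k for k in BASE_METRICS if k not in metrics]
    if missing:
        raise ValueError("missing base metrics: " + ", ".join(missing))
    if metrics["S"] not in ("U", "C"):
        raise ValueError("bad Scope value %r" % metrics["S"])
    return m.group(1), metrics


def weight(metric, value, changed=False):
    """Numeric weight for one metric value; raises on unknown values."""
    try:
        w = WEIGHTS[metric][value]
    except KeyError:
        raise ValueError("bad value %r for metric %s" % (value, metric))
    if metric == "PR":
        return w[1] if changed else w[0]
    return w


def roundup(value, version):
    """CVSS Roundup: the smallest one-decimal number >= value.

    v3.0 defines a plain ceiling to one decimal. v3.1 first rounds to five
    decimals so a float artefact such as 8.6000000001 is not pushed to 8.7.
    """
    if version == "3.0":
        return math.ceil(value * 10) / 10
    int_input = round(value * 100000)
    if int_input % 10000 == 0:
        return int_input / 100000.0
    return (math.floor(int_input / 10000) + 1) / 10.0


def base_score(vector):
    """Base score per the v3.1 base equation (identical in v3.0)."""
    version, m = parse_vector(vector)
    changed = m["S"] == "C"
    iss = 1 - ((1 - weight("C", m["C"])) * (1 - weight("I", m["I"]))
               * (1 - weight("A", m["A"])))
    if changed:
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss
    exploitability = (8.22 * weight("AV", m["AV"]) * weight("AC", m["AC"])
                      * weight("PR", m["PR"], changed) * weight("UI", m["UI"]))
    if impact <= 0:
        return 0.0
    total = impact + exploitability
    if changed:
        total *= 1.08
    return roundup(min(total, 10), version)


def temporal_score(vector):
    """Base score scaled by E, RL and RC; equals the base score when those
    metrics are absent or Not Defined (X)."""
    version, m = parse_vector(vector)
    factor = 1.0
    for k in ("E", "RL", "RC"):
        factor *= weight(k, m.get(k, "X"))
    return roundup(base_score(vector) * factor, version)


if __name__ == "__main__":
    for v in ("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
              "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C"):
        print(v, "base", base_score(v), "temporal", temporal_score(v))
```

The `S:C` (Scope Changed) value is what pushes both vectors to 9.9 rather than 9.8: it selects the higher `PR:L` weight (0.68 instead of 0.62), switches to the changed-scope impact curve, and applies the 1.08 multiplier, which is how an attacker confined to one project ends up with a score that reflects impact on the shared seed infrastructure.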

    Impacted Systems

    All versions of Azure Machine Learning compute environments are potentially affected. The vulnerability is relevant to cloud-hosted scenarios and may not directly impact on-premises solutions, as noted by the tag exclusively-hosted-service.

    Mitigation and Response

    Microsoft has published a security advisory and recommended actions. Although no public exploit is known at the time of publication, organizations using Azure ML are strongly urged to review Microsoft’s guidance:

    MSRC Advisory on CVE-2025-30390

    The advisory indicates that the vulnerability is not currently exploited in the wild, and exploitation is considered unlikely. However, due to the high impact, it remains a priority for remediation.

    Understanding the Risk

    This CVE demonstrates the risks of insufficient access control mechanisms in cloud-based machine learning platforms. In scenarios where compute resources are shared among users or teams, improper isolation and authorization logic can allow lateral movement or privilege abuse, violating the principle of least privilege (PoLP).

    The SSVC (Stakeholder-Specific Vulnerability Categorization) model applied by CISA further reinforces the urgency, classifying the technical impact as total and recommending swift coordination despite no current exploitation.

    Conclusion

    CVE-2025-30390 is a high-priority vulnerability for any organization leveraging Azure ML. The combination of low complexity and high impact makes it critical to address, even in the absence of known exploitation. Security teams should monitor vendor advisories closely and apply any available patches or mitigations.