Kubernetes security flaw lets hackers obtain elevated privileges and take over nodes

If you're using the latest version, you're safe


Kubernetes is widely used by developers, but it was recently discovered that the default installation of Kubernetes had a severe security flaw.

The good news is that this isn’t an ongoing issue anymore, but keep on reading to learn how to properly protect yourself.

A critical Kubernetes security flaw was recently patched

As TechRadar writes, this flaw was discovered by Akamai researchers, and it was tracked as CVE-2023-5588.

To utilize this vulnerability, hackers had to apply malicious YAML files on the cluster. This would allow them to perform remote code execution with SYSTEM privileges on all Windows endpoints within a cluster.

Essentially, the attackers were able to completely take over all Windows nodes in a cluster. This isn’t the only issue: the same researchers found another flaw and tracked it as CVE-2023-3676.

This flaw had a severity of 8.8 and was triggered by the lack of sanitization of the subPath parameter in YAML files. This allowed hackers an opportunity to perform a malicious injection and run their code.

To prevent issues such as these, it’s crucial to verify the configuration of YAML files. Luckily, the issue was patched last November, and if you’re using v1.28.4, v1.27.8, v1.26.11, or v1.25.16 you’re safe.
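One way to verify that configuration, as an added example that is not from the article or the Kubernetes project: it audits the JSON produced by `kubectl get pods -A -o json` and `kubectl get nodes -o json` for subPath values outside an allow-list and for Windows nodes whose kubelet is not one of the releases listed above. The allow-list pattern, the function names and the sample data are assumptions made for illustration.

```python
import re

# Releases the article lists as safe, keyed by (major, minor) -> minimum patch.
PATCHED = {(1, 28): 4, (1, 27): 8, (1, 26): 11, (1, 25): 16}
# Assumption: a conservative allow-list for subPath; tune it for your workloads.
SAFE_SUBPATH = re.compile(r"[A-Za-z0-9._/-]+")

def kubelet_is_patched(version):
    """True/False for release lines the article names, None for any other line."""
    m = re.match(r"v(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        return None
    major, minor, patch = map(int, m.groups())
    floor = PATCHED.get((major, minor))
    return None if floor is None else patch >= floor

def audit_subpaths(pod_list):
    """Return (namespace, pod, container, subPath) for values outside the allow-list."""
    findings = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        for c in spec.get("containers", []) + spec.get("initContainers", []):
            for vm in c.get("volumeMounts", []):
                sub = vm.get("subPath")
                if sub is not None and (not SAFE_SUBPATH.fullmatch(sub) or ".." in sub.split("/")):
                    findings.append((meta.get("namespace"), meta.get("name"), c.get("name"), sub))
    return findings

def windows_nodes_needing_review(node_list):
    """Windows nodes whose kubelet is not confirmed patched (status False or None)."""
    out = []
    for node in node_list.get("items", []):
        info = node.get("status", {}).get("nodeInfo", {})
        status = kubelet_is_patched(info.get("kubeletVersion", ""))
        if info.get("operatingSystem") == "windows" and status is not True:
            out.append((node["metadata"]["name"], info.get("kubeletVersion"), status))
    return out

# Constructed sample data shaped like kubectl's JSON output (not real cluster data).
SAMPLE_PODS = {"items": [{
    "metadata": {"namespace": "default", "name": "web"},
    "spec": {"containers": [{"name": "app", "volumeMounts": [
        {"name": "data", "mountPath": "/data", "subPath": "app/config"},
        {"name": "logs", "mountPath": "/logs", "subPath": "logs;extra arg"}]}]}}]}
SAMPLE_NODES = {"items": [
    {"metadata": {"name": n}, "status": {"nodeInfo": {"operatingSystem": o, "kubeletVersion": v}}}
    for n, o, v in [("win-a", "windows", "v1.28.3"), ("win-b", "windows", "v1.27.8"),
                    ("lin-a", "linux", "v1.25.1")]]}

if __name__ == "__main__":
    print(audit_subpaths(SAMPLE_PODS), windows_nodes_needing_review(SAMPLE_NODES))
```

A `None` status means the node runs a release line the article does not mention, so it is reported for manual review rather than assumed safe.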
