AI description
CVE-2025-10725 is a vulnerability found in Red Hat OpenShift AI (RHOAI). It stems from an overly permissive ClusterRole assignment that links the built-in system:authenticated group to the kueue-batch-user-role. This misconfiguration allows any authenticated user broad job-creation rights across the cluster. A low-privileged attacker with an authenticated account, like a data scientist using a standard Jupyter notebook, can exploit this flaw to gain full cluster administrator privileges. Once elevated, the attacker can compromise the cluster's confidentiality, integrity, and availability, potentially stealing sensitive data, disrupting services, and controlling the underlying infrastructure.
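A defender-side check for the binding described above, as an added example that is not Red Hat's or this page's own code: it scans JSON in the shape of `kubectl get clusterrolebindings -o json` for the kueue-batch-user-role granted to the system:authenticated group. The binding names and the `rhoai-batch-users` group in the sample are constructed.

```python
import json
import sys

BROAD_GROUP = "system:authenticated"    # group named in the description above
ROLE_ON_PAGE = "kueue-batch-user-role"  # ClusterRole named in the description above

# Constructed sample in the shape of `kubectl get clusterrolebindings -o json`.
SAMPLE = json.loads("""
{"kind": "List", "items": [
 {"kind": "ClusterRoleBinding", "metadata": {"name": "constructed-kueue-open"},
  "roleRef": {"kind": "ClusterRole", "name": "kueue-batch-user-role"},
  "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "constructed-kueue-scoped"},
  "roleRef": {"kind": "ClusterRole", "name": "kueue-batch-user-role"},
  "subjects": [{"kind": "Group", "name": "rhoai-batch-users"}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "constructed-basic-user"},
  "roleRef": {"kind": "ClusterRole", "name": "system:basic-user"},
  "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "constructed-empty"},
  "roleRef": {"kind": "ClusterRole", "name": "kueue-batch-user-role"},
  "subjects": null}
]}
""")


def find_broad_bindings(doc, roles=(ROLE_ON_PAGE,), group=BROAD_GROUP):
    """Return names of ClusterRoleBindings that grant one of `roles` to `group`."""
    # Accept either a List document or a single ClusterRoleBinding object.
    items = (doc.get("items") or []) if "items" in doc else [doc]
    hits = []
    for crb in items:
        ref = crb.get("roleRef") or {}
        if ref.get("kind") != "ClusterRole" or ref.get("name") not in roles:
            continue
        # `subjects` may be absent or null on a binding with no subjects.
        for subject in crb.get("subjects") or []:
            if subject.get("kind") == "Group" and subject.get("name") == group:
                hits.append(crb.get("metadata", {}).get("name", "<unnamed>"))
                break
    return hits


if __name__ == "__main__":
    # Pass a saved JSON file as argv[1]; otherwise run on the constructed sample.
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for name in find_broad_bindings(doc):
        print(f"REVIEW: {name} grants {ROLE_ON_PAGE} to {BROAD_GROUP}")
```

The role filter is deliberate: some built-in roles are normally bound to system:authenticated, so matching on the group alone would flag expected bindings.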
- Description: A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster's confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.
- Source: secalert@redhat.com
- NVD status: Received
CVSS 3.1
- Type: Secondary
- Base score: 9.9
- Impact score: 6
- Exploitability score: 3.1
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- secalert@redhat.com
- CWE-266
- Hype score: Not currently trending
Critical vulnerability in OpenShift AI allows full control of clusters https://t.co/x7GaL82hdx Information was recently disclosed about a critical flaw (CVE-2025-10725) in Red Hat OpenShift AI Service. This flaw, which directly affects the environments used
@laboratoriolinu
19 Oct 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Vulnerability: CVE-2025-10725 🔴 Title: Critical vulnerability in Red Hat OpenShift AI Service – Privilege escalation ⚠️ Urgency level: High / Critical 📊 CVSS score: 9.9 https://t.co/XgYPN5a503
@BanCERT_gt
10 Oct 2025
36 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerability in Red Hat products ❗CVE-2025-10725 ➡️More info: https://t.co/w0I1onEA68 https://t.co/87SvU4QTeY
@CERTpy
6 Oct 2025
117 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A vulnerability (CVE-2025-10725) was found in Red Hat Openshift AI Service. This flaw allows an authenticated user with minimal privileges to escalate permissions and take control of the cluster. (1/2). (Source: NVD). https://t.co/u8uLGsBnXb
@JoseLuis_N4N0
5 Oct 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Red Hat OpenShift AI Privilege Escalation Vulnerability (CVE-2025-10725) A critical flaw (CVE-2025-10725) in Red Hat’s OpenShift AI service allows a low-privileged authenticated user (for instance, a “data scientist” running in a Jupyter notebook) to escalate privileges an
@SPSDigitalTech
4 Oct 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HACKERS IN YOUR MODEL PIPELINE: Severe OpenShift AI Flaw (CVE-2025-10725) Actively Exploited in the Wild. Read the full report on - https://t.co/BvsIKDTSrg https://t.co/zm2wTRXkyv
@Iambivash007
4 Oct 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The critical vulnerability CVE-2025-10725 in Red Hat OpenShift AI has been reported; it would allegedly allow an authenticated user with low permissions to escalate privileges to cluster administrator, putting confidentiality, integrity and availability at risk. Although
@tpx_Security
3 Oct 2025
91 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-10725: Red Hat OpenShift AI flaw (CVSS 9.9) could let low-privileged users escalate to full cluster admins, risking complete takeover of infrastructures. 🔗 Read more: https://t.co/sucFCv19Lw ✍ Josh Breaker-Rolfe #OpenShiftAI #ISBNews
@Info_Sec_Buzz
3 Oct 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Serious privilege escalation vulnerability in Red Hat OpenShift AI (CVE-2025-10725) https://t.co/MpEqvBQvXP #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
3 Oct 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Flaw Exposes Red Hat OpenShift AI Clusters: A critical vulnerability in Red Hat OpenShift AI (CVE-2025-10725) allows authenticated attackers to gain full cluster control, impacting LLM deployments. https://t.co/AeK0DmfU4T
@vpodk
2 Oct 2025
101 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability (CVE-2025-10725) in Red Hat OpenShift AI allows attackers to escalate privileges. Affected versions: 2.19, 2.21, RHOAI. Red Hat advises limiting permissions, especially for system groups, and granting job creation rights selectively to reduce #CyberSecurity
@bigmacd16684
2 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I created a PoC for CVE-2025-10725 - Red Hat Openshift AI Service - Patch this ASAP! https://t.co/2cQPyzL9UK https://t.co/2avfh4J4OE
@gothburz
2 Oct 2025
366 Impressions
0 Retweets
2 Likes
4 Bookmarks
1 Reply
0 Quotes
🚨 A critical flaw (9.9/10) in #RedHat OpenShift AI (CVE-2025-10725) allows low-privileged users to become full admin of the cluster. #AI #CVE https://t.co/q89KFG6LAb
@cert_ist
2 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover (CVE-2025-10725) https://t.co/wS3cr6fhXa #patchmanagement
@eyalestrin
2 Oct 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-10725: Red Hat OpenShift AI Bug Exposes Hybrid Cloud to Attack #RedHat #OpenShiftAI #CVE202510725 #CyberSecurity #CloudSecurity #HybridCloud #PrivilegeEscalation #AIsecurity #DataProtection #Infosec https://t.co/evsK4IaVBs
@cyashadotcom
2 Oct 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 New CVE analysis just dropped! A 9.9 CVSS flaw in OpenShift AI lets low-priv users gain admin access. Learn how to fix CVE-2025-10725 before attackers strike. 📖 Check the detailed report → https
@PurpleOps_io
2 Oct 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🟥 CVE-2025-10725, CVSS: 9.9 (#Critical) Red Hat Openshift AI Service A privilege escalation vulnerability. Low-privileged authenticated users can escalate privileges to full cluster administrator. Attackers can steal sensitive data, disrupt services, and control the https:
@UjlakiMarci
2 Oct 2025
224 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 A single Jupyter notebook user could hijack an entire AI platform. Red Hat OpenShift AI flaw (CVE-2025-10725) lets low-privileged accounts escalate to full cluster admin—total takeover possible. That’s not the scariest part ↓ https://t.co/u7T8B9OaNC
@ysyed8724
2 Oct 2025
27 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Red Hat Openshift AI Service Vulnerability Lets Attackers Take Full Control of Cloud Infrastructure Read more: https://t.co/SQcXo3OyEz Red Hat published security advisory CVE-2025-10725, detailing an Important severity flaw in the OpenShift AI Service that could enable
@The_Cyber_News
2 Oct 2025
1529 Impressions
11 Retweets
30 Likes
8 Bookmarks
0 Replies
0 Quotes
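CVE-2025-10725: 9.9 under CVSSv3.1. They have reportedly announced a mitigation that involves reviewing permission settings. Users should have support, so it's a matter of contacting RH: [Security News] Vulnerability in "Red Hat OpenShift AI" - cluster administrator privilege takeover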
@tamosan
1 Oct 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alert: CVE-2025-10725 in Red Hat OpenShift AI is a privilege escalation time bomb - any authenticated user (even a data scientist) can pivot to cluster admin. If you run RHOAI, revoke broad ClusterRoleBindings now, audit your role bindings, and hunt for suspicious job-creation ht
@zeeshankghouri
1 Oct 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical flaw in Red Hat OpenShift AI (CVE-2025-10725, CVSS 9.9) lets authenticated users escalate privileges and fully control hybrid cloud clusters. Least privilege policies are essential. #OpenShift #HybridCloud #RedHat https://t.co/7HdRd7pylj
@TweetThreatNews
1 Oct 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-10725 (CVSS 9.9): Red Hat OpenShift AI Privilege Escalation Flaw Could Lead to Full Cluster Compromise. Read the full report on - https://t.co/fKvjgCXAul https://t.co/ygm7ZJTL81
@Iambivash007
1 Oct 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔷 CRITICAL FLAW ALERT for Red Hat OpenShift AI! ⚠️ 🔹 A low-privileged authenticated user can exploit CVE-2025-10725 (CVSS 9.9) to gain full cluster admin privileges. This allows a complete takeover of your hybrid cloud infrastructure and sensitive data theft. 🔹Aff
@Times_of_Cinema
1 Oct 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A single Jupyter notebook user could hijack an entire AI platform. Red Hat OpenShift AI flaw (CVE-2025-10725) lets low-privileged accounts escalate to full cluster admin—total takeover possible. That’s not the scariest part ↓ https://t.co/z1CqQNggvo
@TheHackersNews
1 Oct 2025
10738 Impressions
34 Retweets
86 Likes
13 Bookmarks
1 Reply
4 Quotes
🚨 CRITICAL: CVE-2025-10725 lets low-priv users in Red Hat OpenShift AI escalate to full admin—entire cluster at risk! Audit access & monitor now. Patch ASAP. 🔒 Details: https://t.co/JHNUj8lSSb #OffSeq #RedHat ... https://t.co/Y8nHpO1Shw
@offseq
1 Oct 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-10725 A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard … https://t.co/f95LqFWcKQ
@CVEnew
30 Sept 2025
376 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-10725: CRITICAL] Flaw in Red Hat Openshift AI Service allows low-privileged attackers to escalate privileges to full cluster admin, compromising confidentiality, integrity, and availability.#cve,CVE-2025-10725,#cybersecurity https://t.co/NWIeGAc4OE https://t.co/jl4DPKKQ
@CveFindCom
30 Sept 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes