CVE-2025-10725

Published: Sep 30, 2025Modified: Dec 24, 2025

9.9

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.1 / Impact: 6.0

Source: secalert@redhat.com (Secondary)

Description

A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster's confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.

Related CWEs

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

References (9)

https://access.redhat.com/errata/RHSA-2025:16981

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:16982

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:16983

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:16984

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:17501

Source: secalert@redhat.com

https://access.redhat.com/security/cve/CVE-2025-10725

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2396641

Source: secalert@redhat.com

https://github.com/opendatahub-io/opendatahub-operator/commit/070057ebd0882be0e397bee1daa18c36374a03c0

Source: secalert@redhat.com

https://github.com/opendatahub-io/opendatahub-operator/pull/2571

Source: secalert@redhat.com

Timeline

No history available yet.