By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
World of SoftwareWorld of SoftwareWorld of Software
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Search
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
Reading: Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover
Share
Sign In
Notification Show More
Font ResizerAa
World of SoftwareWorld of Software
Font ResizerAa
  • Software
  • Mobile
  • Computing
  • Gadget
  • Gaming
  • Videos
Search
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Have an existing account? Sign In
Follow US
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
World of Software > Computing > Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover
Computing

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

News Room
Last updated: 2025/10/01 at 9:48 AM
News Room Published 1 October 2025
Share
SHARE

Oct 01, 2025Ravie LakshmananAI Security / Cloud Security

A severe security flaw has been disclosed in the Red Hat OpenShift AI service that could allow attackers to escalate privileges and take control of the complete infrastructure under certain conditions.

OpenShift AI is a platform for managing the lifecycle of predictive and generative artificial intelligence (GenAI) models at scale and across hybrid cloud environments. It also facilitates data acquisition and preparation, model training and fine-tuning, model serving and model monitoring, and hardware acceleration.

The vulnerability, tracked as CVE-2025-10725, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been classified by Red Hat as “Important” and not “Critical” in severity owing to the need for a remote attacker to be authenticated in order to compromise the environment.

“A low-privileged attacker with access to an authenticated account, for example, as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator,” Red Hat said in an advisory earlier this week.

DFIR Retainer Services

“This allows for the complete compromise of the cluster’s confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.”

The following versions are affected by the flaw –

  • Red Hat OpenShift AI 2.19
  • Red Hat OpenShift AI 2.21
  • Red Hat OpenShift AI (RHOAI)

As mitigations, Red Hat is recommending that users avoid granting broad permissions to system-level groups, and “the ClusterRoleBinding that associates the kueue-batch-user-role with the system:authenticated group.”

“The permission to create jobs should be granted on a more granular, as-needed basis to specific users or groups, adhering to the principle of least privilege,” it added.

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Twitter Email Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article Meta will use your chats with AI to sell hyper-targeted ads – 9to5Mac
Next Article These are the best AT&T deals you’ll find this October
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

248.1k Like
69.1k Follow
134k Pin
54.3k Follow

Latest News

Effective Error Handling: A Uniform Strategy for Heterogeneous Distributed Systems
News
The TechBeat: The Day the Cloud Cracked: AWS Outage Exposes Fragility of Centralized Internet (10/27/2025) | HackerNoon
Computing
Turn Your Pet Photos Into Cute iPhone Emoji in a Few Easy Steps
News
Apple Maps could be about to make a huge mistake and copy the worst part of Google Maps and Waze — ads
News

You Might also Like

Computing

The TechBeat: The Day the Cloud Cracked: AWS Outage Exposes Fragility of Centralized Internet (10/27/2025) | HackerNoon

6 Min Read
Computing

Turbosqueeze Realtime Multi-Threaded Compression Aims To Compete With Zstd, Snappy

1 Min Read
Computing

Huawei, vivo, and OPPO help establish first global fast-charging standard under ITU · TechNode

0 Min Read
Computing

AI Parsing of Commercial Proposals: How to Accelerate Proposal Processing and Win Clients | HackerNoon

14 Min Read
//

World of Software is your one-stop website for the latest tech news and updates, follow us now to get the news that matters to you.

Quick Link

  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Topics

  • Computing
  • Software
  • Press Release
  • Trending

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

World of SoftwareWorld of Software
Follow US
Copyright © All Rights Reserved. World of Software.
Welcome Back!

Sign in to your account

Lost your password?