CVE Alert

CVE-2025-10725

CRITICAL 9.9

OpenShift AI: overly permissive ClusterRole allows authenticated users to escalate privileges to cluster admin

CVSS Score: 9.9
EPSS Score: 0.0%
EPSS Percentile: 0th

A flaw was found in Red Hat OpenShift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster's confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.

CWE: CWE-266
Vendor: opendatahub-io
Product: opendatahub-operator
Published: Sep 30, 2025
Last Updated: Dec 24, 2025

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Affected Versions

opendatahub-io / opendatahub-operator: all versions before 3.0.0
Red Hat / Red Hat OpenShift AI 2.16: all versions affected
Red Hat / Red Hat OpenShift AI 2.19: all versions affected
Red Hat / Red Hat OpenShift AI 2.21: all versions affected
Red Hat / Red Hat OpenShift AI 2.22: all versions affected
Red Hat / Red Hat OpenShift AI 2.24: all versions affected

References

access.redhat.com: https://access.redhat.com/errata/RHSA-2025:16981
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:16982
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:16983
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:16984
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:17501
access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-10725
bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2396641
github.com: https://github.com/opendatahub-io/opendatahub-operator/commit/070057ebd0882be0e397bee1daa18c36374a03c0
github.com: https://github.com/opendatahub-io/opendatahub-operator/pull/2571

Credits

This issue was discovered by Jon Weiser (Red Hat), Oleg Sushchenko (Red Hat), and Raul Bringas (Red Hat).