Gli endpoint Windows are in danger of remote code execution due to a recently discovered vulnerability in Kubernetes. This is the alarm raised by Akamaiwhich reported the flaw now known by the code name CVE-2023-3676.
This vulnerability apparently puts all Windows nodes within Kubernetes environments at high risk, presenting itself with a CVSS severity score of 8.8 are 10. In this regard, therefore, Akamai urges companies that use Kubernetes to patch their systems immediately.
Kubernetes is an open source system for organizing software containers or servers and is designed to help companies better manage their growing commitments in context cloud.
Some of the largest companies in the world have adopted this solution. An example in this sense? Microsoft itself uses this platform to run much of the services behind it Office 365 e Microsoft 365. All this makes us understand how critical this vulnerability is.
There are 900,000 Kubernetes structures potentially at risk
CVE-2023-3676 makes all Windows endpoints within Kubernetes clusters vulnerable to remote code execution by attackers. To exploit the vulnerability, the attacker must apply a exploit on a target cluster written in YAMLa programming language prevalent in all Kubernetes architectures.
This malware requires only low privileges to function, thus providing an easy landing place for cybercriminals. According to Akamai researcher Tom Peled “Successful exploitation of this vulnerability will lead to remote code execution on any Windows node on the machine with SYSTEM privileges“.
The security company Cyble warned in a report last year that beyond 900,000 structures are potentially exposedwhich means they are vulnerable to malicious scans or cyber attacks that can lead to exposure of stored data.
“Online scanners have made it easy for security researchers to spot asset exposure“, explains the notice. “At the same time, malicious hackers can also investigate the exposed Kubernetes instance for a particular organization, increasing the risk of attack“.