Privilege Escalation Flaw in Red Hat OpenShift AI Service
CVE-2025-10725

9.9 CRITICAL


What is CVE-2025-10725?

CVE-2025-10725 is a privilege escalation vulnerability in the Red Hat OpenShift AI Service, which manages and deploys artificial intelligence applications on the OpenShift platform. The flaw allows a low-privileged attacker with access to an authenticated account (for example, a data scientist using a standard Jupyter notebook) to escalate their privileges to those of a full cluster administrator. This escalation could lead to the complete compromise of the cluster's confidentiality, integrity, and availability. If exploited, the attacker can gain unfettered access to sensitive data, disrupt operations, and take control of the underlying infrastructure, resulting in a comprehensive breach of the platform and all applications hosted on it.

Potential impact of CVE-2025-10725

  1. Data Breach: The vulnerability allows attackers to access sensitive information within the cluster, leading to potential data theft or unauthorized disclosure of critical data assets.

  2. Service Disruption: By escalating privileges, an attacker can disrupt the services running on the OpenShift platform, potentially causing significant downtime and impacting business operations.

  3. Infrastructure Control: Full administrative access enables the attacker to manipulate the entire infrastructure, leading to uncontrolled changes, potential malware deployment, or further exploits within the network.

Affected Version(s)

Red Hat OpenShift AI 2.16 sha256:cebc8815e03b772343b15d0a7dce8fad6fcc71dd437d871db5a3691472350803

Red Hat OpenShift AI 2.19 sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf

Red Hat OpenShift AI 2.21 sha256:66e2c3916ae1cdb08edab90f0868965b26991ce43fb120db7f2d05311d90c9c8

News Articles

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

Severe flaw CVE-2025-10725 in Red Hat OpenShift AI risks full cluster compromise.

4 weeks ago


CVSS V3.1

Score: 9.9
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved
