Privilege Escalation Flaw in Red Hat OpenShift AI Service
CVE-2025-10725

9.9CRITICAL

Key Information:

Vendor

Red Hat
Status
Red Hat Openshift Ai (rhoai)
Vendor
CVE Published:
30 September 2025

What is CVE-2025-10725?

A security flaw exists in Red Hat OpenShift AI Service that allows low-privileged users, such as data scientists utilizing standard Jupyter notebooks, to elevate their access to full cluster administrator privileges. This escalation permits unauthorized access to sensitive data, complete disruption of services, and control over the underlying infrastructure, potentially resulting in a significant breach affecting the overall security and reliability of hosted applications.

References

https://access.redhat.com/security/cve/CVE-2025-10725
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2396641
issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-10725 : Privilege Escalation Flaw in Red Hat OpenShift AI Service