Container Privilege Escalation Flaw in Multicluster Engine for Kubernetes by Red Hat
CVE-2025-57851

6.4 MEDIUM

Key Information:

Vendor:
Red Hat

CVE Published:
8 April 2026

What is CVE-2025-57851?

A container privilege escalation vulnerability exists in specific images of Multicluster Engine for Kubernetes. During the image build, /etc/passwd is created with group-writable permissions. The affected container processes run as a non-root user whose supplementary groups include the root group (GID 0), so the group-write bit makes the file writable by that user. An attacker who gains command execution inside an affected container, even as that non-root user, can therefore edit /etc/passwd and add an account with an arbitrary UID, including UID 0, thereby obtaining full root access within the container. The impact is root inside the container; the CVSS scope of Unchanged reflects that no escape to the host is implied by this flaw alone.
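The check a practitioner wants here is two-fold: is /etc/passwd group-writable, and does the process's group set include GID 0? The following POSIX shell script is an added example, not Red Hat's code or part of the advisory. It builds a constructed temporary rootfs that reproduces the defect (passwd at mode 0664 with a non-root user in group 0), runs the permission check, performs the append an attacker would make, counts UID 0 entries before and after, and then applies the remediation (mode 0644) and re-checks. The account names, UIDs and paths are invented for the demonstration; the functions `passwd_group_writable`, `in_root_group` and `uid0_accounts` are the reusable parts.

```shell
#!/bin/sh
# Added example (not Red Hat's code): audit a rootfs for a group-writable
# /etc/passwd and show why it matters when the process's groups include GID 0.
# Everything below runs against a constructed temporary directory, never a
# real image or the host's /etc/passwd.

# Return 0 if the file's group-write bit is set (mode string like -rw-rw-r--).
# Parses the first field of `ls -l`, which is portable across GNU and BSD ls.
passwd_group_writable() {
    perms=$(ls -ld "$1" | cut -c1-10)
    [ "$(printf '%s' "$perms" | cut -c6)" = "w" ]
}

# Return 0 if the calling process is a member of the root group (GID 0).
# Inside a container this is the second pre-condition for the flaw.
in_root_group() {
    for g in $(id -G); do
        [ "$g" -eq 0 ] && return 0
    done
    return 1
}

# Print the number of passwd entries whose UID field is 0.
uid0_accounts() {
    awk -F: '$3 == 0 { n++ } END { print n + 0 }' "$1"
}

# Build a constructed rootfs that reproduces the flaw, run the check, perform
# the write an attacker in group 0 could make, then apply and verify the fix.
# Prints a single summary line and returns it via stdout.
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/etc"
    # Constructed passwd: root plus a non-root service account in group 0.
    printf 'root:x:0:0:root:/root:/bin/bash\n' > "$root/etc/passwd"
    printf 'app:x:1001:0:app:/opt/app:/sbin/nologin\n' >> "$root/etc/passwd"
    chmod 0664 "$root/etc/passwd"          # the build-time defect

    before=$(uid0_accounts "$root/etc/passwd")
    if passwd_group_writable "$root/etc/passwd"; then
        # In an affected container, a GID 0 member can do this append.
        # Here the temp file is owned by us, so the write always succeeds;
        # the point is the resulting second UID 0 entry.
        printf 'backdoor:x:0:0::/root:/bin/sh\n' >> "$root/etc/passwd"
    fi
    after=$(uid0_accounts "$root/etc/passwd")

    chmod 0644 "$root/etc/passwd"          # the remediation
    if passwd_group_writable "$root/etc/passwd"; then fixed=no; else fixed=yes; fi

    rm -rf "$root"
    echo "uid0_before=$before uid0_after=$after group_write_removed=$fixed"
}

demo
```

In a running container the same check is `ls -l /etc/passwd` together with `id -G`: the image is exposed only when both the group-write bit is set and 0 appears in the group list. The fix in the image build is to ensure /etc/passwd ends up mode 0644 (for example a `chmod 0644 /etc/passwd` step, assumed here rather than quoted from the vendor's patch), or to stop adding the service user to the root group.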

CVSS V3.1

Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Score: 6.4
Severity: MEDIUM
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Credit

Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue.