Privilege escalation in Opendatahub-io Opendatahub-operator
CVE-2025-10725
A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster adminis…
EPSS: 0.007 (48.4th percentile)
CVSS v3 metric
CVSS v3 base score 9.9 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Opendatahub-io Opendatahub-operator — versions 0
- Red Hat Openshift Ai 2.16 — versions sha256:cebc8815e03b772343b15d0a7dce8fad6fcc71dd437d871db5a3691472350803
- Red Hat Openshift Ai 2.19 — versions sha256:43a8904396e55074ffb1afcfcd8fe6db0edcbc918a8ff8301b6b0920aea7eabf
- Red Hat Openshift Ai 2.21 — versions sha256:db339d2d4f86af4efa695ef193d19e26b25fec80017fa2780833a4cd944e383b
- Red Hat Openshift Ai 2.22 — versions sha256:dccc7c6cf920da7ffeadbad42f5727f2d58d54ceef399ac98441345d06ff10c4
- Red Hat Openshift Ai 2.24 — versions sha256:12c1d1066e75951aad1d333bcbc1675ba7a795b57744294c23decec1655709c7
Frequently asked questions
- What is CVE-2025-10725?
  CVE-2025-10725 is a critical-severity vulnerability in Opendatahub-io Opendatahub-operator, classified under Incorrect Privilege Assignment. CVSS score: 9.9/10. Published 2025-09-30.
- How severe is CVE-2025-10725?
  Critical severity. CVSS v3 base score is 9.9 out of 10.
- Is CVE-2025-10725 known to be exploited?
  3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.