Kubernetes Patch: 43% of Clusters Face Remote Takeover Risk

Immediate Patching Urged to Address Flaws in Widely Used Ingress Nginx Controller Mathew J. Schwartz (euroinfosec) • March 24, 2025

Critical vulnerabilities in the popular Kubernetes container management system need immediate patching to prevent attackers from taking control of cloud-based applications, management interfaces and more, researchers warn.

See Also: Enhance Cloud Security with AI-Driven Technologies

The open source Kubernetes project on Monday released Ingress Nginx Controller versions 1.12.1, 1.11.5 and 1.10.7. The controller, maintained by the core project team, is widely used to provide external access to Kubernetes applications.

Kubernetes is a popular open-source platform for managing containerized workloads and services. The system automates everything from software deployment to scaling and management.

Attackers who exploit these vulnerabilities can gain "unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover," said researchers - who ...