CVE-2025-57851

MEDIUM EPSS 1.7%

Published Apr 8, 20262mo ago · Modified Jun 17, 20261w ago

6.7 CVSS 3.1

Medium

Published Apr 8, 2026 2mo ago

Last Modified Jun 17, 2026 1w ago

Description

A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.

CVSS Details

Base Score

6.7

Exploitability

0.8

Impact

5.9

Vector string

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required High

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

1.7% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-276

Affected Products 1

Vendor	Product	Version	Range
redhat	advanced_cluster_management_for_kubernetes	*	any

References 2

access.redhat.com https://access.redhat.com/security/cve/CVE-2025-57851

Vendor Advisory
bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=2391104

Issue TrackingVendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.