Join us

Kubernetes Image Builder Vulnerability Grants Root Access to Windows Nodes

A critical CVE-2025-7342 haunts Kubernetes Image Builder v0.1.44 and earlier. It ships Nutanix/OVA images with default Windows Administrator creds intact. That slip-up invites root access on Windows nodes. Linux builds and other providers dodge this bullet. Mixed clusters run hot until images rebuild or passwords rotate. Jump to v0.1.45+. It demands `WINDOWS_ADMIN_PASSWORD` or `admin_password` in your JSON. Default-credential attack, kaput.


Let's keep in touch!

Stay updated with my latest posts and news. I share insights, updates, and exclusive content.

By subscribing, you share your email with @faun and accept our Terms & Privacy. Unsubscribe anytime.

Give a Pawfive to this post!


Only registered users can post comments. Please, login or signup.

Start blogging about your favorite technologies, reach more readers and earn rewards!

Join other developers and claim your FAUN.dev account now!

Avatar

The FAUN

@faun
A worldwide community of developers and DevOps enthusiasts!
Developer Influence
3k

Influence

302k

Total Hits

1

Posts