Kubernetes security: three new interrelated vulnerabilities affecting the Windows versions of Kubelet and the Kubernetes CSI proxy. Learn more.

Armo provides a cloud security platform, focusing on Kubernetes security through its open-source tool, Kubescape. The platform offers runtime-driven security posture management, behavioral-based cloud detection and response, and runtime-based vulnerability management.

Armo

Kubelet Vulnerabilities on Windows Nodes: CVE-2023-3676 ARMO named in Gartner® Cool Vendors™ report. A recurring theme among these vulnerabilities is a lapse in input sanitization in the Windows specific porting of the Kubelets.

Kubelet Vulnerabilities on Windows Nodes: CVE-2023-3676

Kubelet privilege escalation via Pod spec command injection – CVE-2023-3676

Kubelet privilege escalation – CVE-2023-3955

Kubernetes CSI proxy privilege escalation – CVE-2023-3893

Kubernetes security platform { powered by Kubescape }. Free forever.