CVE-2025-57852

30.09.2025, 15:15

A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.2 MEDIUM	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L
redhat	CNA	5.2 MEDIUM	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.

References

https://access.redhat.com/security/cve/CVE-2025-57852

https://bugzilla.redhat.com/show_bug.cgi?id=2391105