InfoSecBulletin Cybersecurity for mankind
A new security flaw traced, CVE-2024-9042, poses a serious risk to Kubernetes clusters with Windows worker nodes. It has a Medium rating and a CVSS v3.1 score of 5.9, allowing attackers to execute commands on the host machine through the node’s /logs endpoint.
A vulnerability in the Kubelet component of Kubernetes affects Windows worker nodes. Attackers who can query a node’s /logs endpoint can exploit this flaw to execute commands on the host.
FBI investigating cyberattack at Oracle, Bloomberg News reports
OpenAI Offering $100K Bounties for Critical Vulns
Splunk Alert User RCE and Data Leak Vulns
CIRT alert Situational Awareness for Eid Holidays
Cyberattack on Malaysian airports: PM rejected $10 million ransom
Micropatches released for Windows zero-day leaking NTLM hashes
VMware Patches Authentication Bypass Flaw in Windows Tool
IngressNightmare
Over 40% of cloud environments are vulnerable to RCE
(CVE-2025-29927)
Urgently Patch Your Next.js for Authorization Bypass
Oracle refutes breach after hacker claims 6 million data theft
Organizations should evaluate their Kubernetes environments for these conditions:
Component: Kubelet
Affected Versions:
v1.32.0
v1.31.0 to v1.31.4
v1.30.0 to v1.30.8
<=v1.29.12
Clusters with the affected versions on Windows worker nodes are at risk. Upgrade the Kubelet on your Windows worker nodes to the updated patched versions for better system security.
v1.32.1
v1.31.5
v1.30.9
v1.29.13
It is recommended to update promptly to prevent potential exploitation.
System administrators can identify potential exploitation by reviewing cluster audit logs for unusual queries to the /logs endpoint. Focus on entries with unexpected input patterns.
CVE-2024-9042 has a Medium severity rating, but its impact on Kubernetes environments requires prompt mitigation.
Organizations using Kubernetes with Windows worker nodes should quickly apply fixes to avoid exploitation.
