
What a Cluster: Local Volumes Vulnerability in Kubernetes

Akamai·Tomer Peled·about 1 month ago

Tomer Peled is a Security Researcher at Akamai. In his daily job, he conducts research ranging from vulnerability research to OS internals. In his free time, he likes to cook, do Krav Maga, and game on his PC.

Being aware of the lack of input sanitization in Kubernetes source code means you can take outside precautions to help avoid a serious security impact.

Editorial and additional commentary by Tricia Howard

Executive summary

Akamai security researcher Tomer Peled recently discovered a high-severity vulnerability in Kubernetes that was assigned CVE-2023-5528 with a CVSS score of 7.2.

The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster. To exploit this vulnerability, the attacker needs to apply malicious YAML files on the cluster.

This vulnerability can lead to full takeover on all Windows nodes in a cluster.…
