CVE-2025-1974: ingress-nginx admission controller RCE escalation
First published: Mon Mar 24 2025(Updated: )
<p>Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources.</p> <p>Azure Kubernetes Service (AKS) is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-1097, CVE-2025-24514, and CVE-2025-24513.</p> <p>Customers running this controller on their AKS clusters are advised to update to the latest patched versions (v1.11.5 and v1.12.1) to mitigate potential risks.</p>
Credit: jordan@liggitt.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Azure Kubernetes Service Node on Azure Linux | ||
| go/k8s.io/ingress-nginx | >=1.12.0-beta.0<1.12.1 | 1.12.1 |
| go/k8s.io/ingress-nginx | <1.11.5 | 1.11.5 |
| F5 BIG-IP Next Central Manager |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-1974 (Advisory)
- https://https://github.com/kubernetes/kubernetes/issues/131009
- https://www.theregister.com/2025/03/25/kubernetes_flaw_rce_risk/
- https://nvd.nist.gov/vuln/detail/CVE-2025-1974
- https://github.com/kubernetes/kubernetes/issues/131009
- https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v1.11.5
- https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v1.12.1
- https://groups.google.com/g/kubernetes-security-announce/c/2qa9DFtN0cQ
- https://github.com/advisories/GHSA-mgvx-rpfc-9mpv (Advisory)
- https://my.f5.com/manage/s/article/K000150538
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2025-1974?
CVE-2025-1974 has been classified with a high severity indicating potential remote code execution risks.
What are the potential impacts of CVE-2025-1974?
CVE-2025-1974 could allow attackers to execute arbitrary code within Kubernetes clusters, compromising security.
How do I fix CVE-2025-1974?
To mitigate CVE-2025-1974, it is recommended to upgrade to the latest version of the ingress-nginx controller that addresses this vulnerability.
Which software is affected by CVE-2025-1974?
CVE-2025-1974 specifically affects the Azure Kubernetes Service using the ingress-nginx controller.
When was CVE-2025-1974 disclosed?
CVE-2025-1974 was disclosed in March 2025 as part of ongoing security assessments for Kubernetes.
- collector/msrc
- source/Microsoft
- collector/msrc-cve
- agent/type
- agent/first-publish-date
- agent/software-canonical-lookup
- collector/the-register
- source/The Register
- alias/CVE-2025-1974
- alias/CVE-2025-1097
- alias/CVE-2025-1098
- alias/CVE-2025-24514
- alias/CVE-2025-24513
- agent/title
- agent/author
- agent/weakness
- agent/trending
- agent/references
- agent/source
- agent/description
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-mgvx-rpfc-9mpv
- agent/event
- agent/softwarecombine
- agent/news-ai
- agent/severity
- agent/tags
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- collector/nvd-cve
- collector/f5-advisory
- source/F5
- vendor/microsoft
- canonical/microsoft azure kubernetes service node on azure linux
- package-manager/go
- vendor/f5