In Kubernetes kube-apiserver versions 1.32.0 up to 1.32.5 and 1.33.0 up to 1.33.1, a high-severity vulnerability, CVE-2025-4563, was detected. This vulnerability allows compromised nodes to bypass authorization checks during pod creation and access unauthorized dynamic resources, potentially leading to privilege escalation. To address this issue, users should upgrade Kubernetes kube-apiserver to version 1.32.6 or later, or 1.33.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-4563.
Kubernetes: NodeRestriction Bypass Leads to Potential Privilege Escalation
by the Hossted team
25.06.2025
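
To triage a fleet against the affected ranges stated above, the following added example (not part of the original advisory or of Kubernetes) classifies version strings of the form reported in the `serverVersion.gitVersion` field of `kubectl version -o json`. The function names and the sample inventory are constructed for illustration, and the check assumes vendor builds with suffixes such as `-eks-...` or `+k3s1` follow upstream patch numbering.

```python
import re

# Affected ranges and first fixed releases, as stated in the advisory above:
# (major, minor) -> (first affected patch, last affected patch, first fixed patch)
AFFECTED = {
    (1, 32): (0, 5, 6),
    (1, 33): (0, 1, 2),
}

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_git_version(git_version):
    """Return (major, minor, patch) from a gitVersion string.

    Distribution suffixes such as "-eks-1a2b3c" or "+k3s1" are ignored
    (assumption: the vendor build follows upstream patch numbering).
    """
    m = _VERSION_RE.match(git_version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {git_version!r}")
    return tuple(int(p) for p in m.groups())


def check_cve_2025_4563(git_version):
    """Classify one kube-apiserver version against the advisory's ranges."""
    major, minor, patch = parse_git_version(git_version)
    line = AFFECTED.get((major, minor))
    if line is None:
        # Release line not listed in the advisory.
        return {"version": git_version, "affected": False, "upgrade_to": None}
    first, last, fixed = line
    affected = first <= patch <= last
    return {
        "version": git_version,
        "affected": affected,
        "upgrade_to": f"{major}.{minor}.{fixed}" if affected else None,
    }


if __name__ == "__main__":
    # Constructed sample inventory: cluster name -> serverVersion.gitVersion
    inventory = {"prod-a": "v1.32.4", "prod-b": "v1.33.1-eks-1a2b3c",
                 "stage": "v1.32.6+k3s1", "legacy": "v1.31.9"}
    for name, ver in inventory.items():
        r = check_cve_2025_4563(ver)
        status = (f"AFFECTED, upgrade to >= {r['upgrade_to']}"
                  if r["affected"] else "not in a listed affected range")
        print(f"{name:8} {ver:22} {status}")
```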