TechRadar
Sead Fadilpašić

Critical Kubernetes Image Builder credential vulnerability allows for virtual machine SSH access

A critical vulnerability in the Kubernetes Image Builder has been detected allowing threat actors to access different Virtual Machine (VM) images with ease. A patch is already available, so if you’re using the image building tool, make sure to update it to the latest version as soon as possible.

Kubernetes Image Builder is a tool that helps build and maintain container images for Kubernetes environments. It simplifies the building, packaging, and deployment of containerized applications by generating optimized and reproducible images ready for Kubernetes clusters.

However, when one builds a Kubernetes VM image, it comes with a set of default credentials, which are the same for every user. As a result, crooks can easily access virtual machines with root privileges.

Randomly generated password

According to The Register, VM images built with the Proxmox provider are most at risk. The flaw on this platform is tracked as CVE-2024-9486 and carries a severity rating of 9.8/10, meaning it is critical. Image Builder versions 0.1.37 and earlier are affected, and users are advised to migrate to Image Builder v0.1.38 or later as soon as possible.

In this version, every new image build will be given a randomly generated password, with the builder account being terminated at the end of the build process.

Users that end up upgrading Image Builder should also re-deploy new images to any affected VMs, the publication stressed.

Besides Proxmox, other providers are at risk too, including Nutanix, OVA, QEMU, and others. In these cases, however, the severity rating is 6.3, since these providers disable the default credentials at the end of the image build process, giving a threat actor a much smaller window of opportunity.

Those that are unable to apply the patch at the moment should disable the builder account and thus mitigate the risk.
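As an added illustration (not code from the article or from the Image Builder project), the following Python script audits a shadow file copied out of a built VM image for a build-time account that still has a usable password and prints the command an administrator would run to lock it. The account name "builder" and the shadow lines are constructed for the example; substitute the account name your build actually uses.

```python
# Added example: find leftover build-time accounts in a VM image's /etc/shadow
# that can still authenticate, and emit the lock command for each.
# The account name "builder" and SAMPLE_SHADOW below are constructed, not from the article.
from dataclasses import dataclass


@dataclass
class ShadowEntry:
    name: str
    hash_field: str  # field 2 of /etc/shadow

    @property
    def password_usable(self) -> bool:
        # A hash starting with '!' or '*' is locked/disabled and cannot authenticate.
        # An empty field is treated as usable (worst case: passwordless login).
        return not self.hash_field.startswith(("!", "*"))


def parse_shadow(text: str) -> list[ShadowEntry]:
    """Parse shadow-format lines (name:hash:...) into entries."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            raise ValueError(f"malformed shadow line: {line!r}")
        entries.append(ShadowEntry(fields[0], fields[1]))
    return entries


def find_exposed_accounts(text: str, suspect_names=("builder",)) -> list[str]:
    """Return suspect account names whose password is still usable."""
    return [e.name for e in parse_shadow(text)
            if e.name in suspect_names and e.password_usable]


def lock_commands(names) -> list[str]:
    # Lock the password hash and remove the login shell; run on every affected VM
    # (or delete the account outright with userdel).
    return [f"usermod --lock --shell /usr/sbin/nologin {n}" for n in names]


# Constructed sample: root disabled, builder still usable, ubuntu locked.
SAMPLE_SHADOW = """\
root:*:19600:0:99999:7:::
builder:$6$saltsalt$constructedhashvalue:19600:0:99999:7:::
ubuntu:!:19600:0:99999:7:::
"""

if __name__ == "__main__":
    for cmd in lock_commands(find_exposed_accounts(SAMPLE_SHADOW)):
        print(cmd)
```

Mount or extract the image read-only and point the script at its /etc/shadow; re-deploying a rebuilt image remains the proper fix.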

Via The Register
