Thousands of Kubernetes clusters, including those powering major Fortune 500 companies, are now vulnerable to a newly discovered critical exploit chain dubbed the IngressNightmare Kubernetes vulnerability. The flaw exposes 6,500 publicly accessible Kubernetes clusters — about 41% of all internet-facing deployments — to complete takeover by remote attackers.
Security researchers from Wiz uncovered the alarming set of vulnerabilities within the popular Ingress NGINX Controller, a widely used component that routes traffic from the outside world into Kubernetes environments. According to Wiz, the vulnerabilities make it possible for unauthenticated attackers to execute arbitrary commands and seize control over entire Kubernetes clusters.
How the IngressNightmare Vulnerability Chain Works
The attack chain involves four distinct vulnerabilities tracked as CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974. Three of these allow malicious actors to inject unauthorized NGINX configuration directives into affected systems; achieving remote code execution (RCE), however, requires chaining them with CVE-2025-1974. That combination forms the highly critical IngressNightmare Kubernetes vulnerability, which carries a CVSS score of 9.8.
At the heart of the issue is the Ingress NGINX admission controller — the component tasked with validating or modifying incoming Ingress objects before they’re accepted by the Kubernetes API server. Wiz discovered that poor validation of certain fields allowed attackers to sneak in harmful configurations.
“By exploiting the admission controller’s weak input validation, attackers can bypass Kubernetes API authentication and directly manipulate NGINX directives on exposed systems,” Wiz explained. When the NGINX validator processes the injected configuration during validation, the malicious directives are executed, leading to remote code execution inside the Ingress NGINX Controller’s pod.
What makes this worse is the admission controller’s elevated privileges and wide network reach. This creates a perfect storm, enabling attackers to extract sensitive cluster secrets across namespaces — a pathway to complete cluster compromise.
The scope of this vulnerability is massive, especially considering how deeply embedded Kubernetes has become in modern tech stacks. A 2024 industry survey revealed that 72% of organizations now run business-critical databases on Kubernetes, while 67% power analytics applications and over half use Kubernetes for AI and machine learning workloads.
These figures highlight just how devastating an exploit like IngressNightmare could be if left unpatched. Once inside, attackers could hijack critical business applications or exfiltrate sensitive data.
Wiz’s head of research, Nir Ohfeld, emphasized the severity: “During months of collaboration with Kubernetes maintainers, we discovered several flaws and bypassed their initial patches. It took multiple iterations to fully close the attack surface. Still, we urge organizations to avoid exposing admission controllers to the public internet.”
One major concern is that many organizations unknowingly leave their admission controllers exposed due to misconfigurations or lack of visibility — especially in complex multi-cluster or hybrid environments. According to Wiz, there is rarely a valid reason for an admission controller to be reachable from the open internet, yet many companies are unintentionally creating exactly these attack windows.
Ohfeld added that even internal-only admission controllers aren’t safe. Attackers could exploit IngressNightmare through indirect paths — such as abusing server-side request forgery (SSRF) vulnerabilities in other software running within the cluster.
“Even without direct internet exposure, any foothold inside the cluster — like an SSRF bug — could provide the access needed to trigger this vulnerability,” he warned. Skilled attackers wouldn’t struggle to weaponize these flaws for full cluster control.
Urgent Recommendations for Kubernetes Users
The maintainers of Kubernetes have now released patches addressing the IngressNightmare Kubernetes vulnerability. Organizations are strongly advised to update their Ingress NGINX Controller versions to 1.12.1, 1.11.5, or 1.10.7 immediately.
For those unable to patch right away, Wiz recommends:
- Restricting access: Ensure only the Kubernetes API server can interact with the admission controller.
- Reviewing network exposure: Disable admission controllers if they’re unnecessary.
- Implementing least privilege: Limit permissions for web-facing components.
- Enhancing monitoring: Watch for signs of configuration injection or abnormal NGINX behavior.
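One way to turn the patch guidance above into a repeatable check, as an added example that is not code from Wiz or the ingress-nginx project: a POSIX shell script that classifies controller image tags against the fixed releases 1.12.1, 1.11.5 and 1.10.7. It assumes tags follow the upstream "vMAJOR.MINOR.PATCH" form and treats release lines newer than 1.12 as carrying the fix; the sample image list is constructed, and the commented kubectl line shows how to produce the real one.

```shell
#!/bin/sh
# Added example (not Wiz or ingress-nginx project code): classify controller image
# tags as patched/vulnerable against the fixed releases 1.12.1, 1.11.5, 1.10.7.
# Assumes upstream "vMAJOR.MINOR.PATCH" tags; lines newer than 1.12 assumed fixed.

# Split "v1.12.1" into "1 12 1"; a missing minor or patch field becomes 0.
split_ver() {
  v=${1#v}
  major=${v%%.*}; rest=${v#*.}
  [ "$rest" = "$v" ] && rest=0
  minor=${rest%%.*}; patch=${rest#*.}
  [ "$patch" = "$rest" ] && patch=0
  echo "$major $minor $patch"
}

# Encode a version as one integer so a single numeric test compares it.
ver_num() { set -- $(split_ver "$1"); echo $(( $1 * 1000000 + $2 * 1000 + $3 )); }

# True when version $1 is at least version $2.
version_ge() { [ "$(ver_num "$1")" -ge "$(ver_num "$2")" ]; }

# Print "patched" or "vulnerable" for a controller tag such as v1.11.4.
ingress_nginx_status() {
  set -- $(split_ver "$1") "$1"
  case "$1.$2" in
    1.12) fixed=v1.12.1 ;;
    1.11) fixed=v1.11.5 ;;
    1.10) fixed=v1.10.7 ;;
    *)  # 1.13+/2.x assumed fixed; lines older than 1.10 have no fixed release
        if [ "$1" -gt 1 ] || [ "$2" -gt 12 ]; then echo patched; else echo vulnerable; fi
        return ;;
  esac
  if version_ge "$4" "$fixed"; then echo patched; else echo vulnerable; fi
}

# Report on a full image reference; a trailing @sha256:... digest is ignored.
check_image() {
  ref=${1%%@*}; tag=${ref##*:}
  echo "$1 $(ingress_nginx_status "$tag")"
}

# Constructed sample of what this live command prints for a real cluster:
#   kubectl get pods -A -o jsonpath='{range .items[*]}{range .spec.containers[*]}{.image}{"\n"}{end}{end}' \
#     | grep 'ingress-nginx/controller'
SAMPLE='registry.k8s.io/ingress-nginx/controller:v1.12.0@sha256:0123abcd
registry.k8s.io/ingress-nginx/controller:v1.11.5
registry.k8s.io/ingress-nginx/controller:v1.9.6'
printf '%s\n' "$SAMPLE" | while IFS= read -r img; do check_image "$img"; done
```

Any line reported as vulnerable is a controller that still needs the upgrade; the "patched" verdict only covers the chain described here, not other advisories.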
With Kubernetes now the backbone of countless critical applications, organizations cannot afford to delay addressing this exposure. In an era where container orchestration is everywhere, IngressNightmare is a wake-up call for teams to rethink their Kubernetes security posture — starting with admission controller visibility and hardening.