First published: 26 Mar 2025
Last updated: 26 Mar 2025

Content written for

Small & medium business
Large organisations & infrastructure
Government

This alert is relevant to Australians who use Ingress-NGINX Controller for Kubernetes.

These vulnerabilities impact Ingress-NGINX Controller versions prior to:

  • Ingress-NGINX Controller 1.12.1 and 1.11.5 (the releases that contain the fixes)

This alert is intended to be understood by technical users. Customers are encouraged to patch to the latest version.

Background / What has happened?

  • Kubernetes maintainers have published an advisory detailing the following vulnerabilities in Ingress-NGINX Controller that could allow unauthenticated remote code execution and full cluster takeover:
    • CVE-2025-1097
    • CVE-2025-1098
    • CVE-2025-1974
    • CVE-2025-24513
    • CVE-2025-24514
  • Ingress-NGINX Controller enables configurable routing of external traffic to services within a Kubernetes cluster.
  • Exploitation of these vulnerabilities could allow an actor to execute arbitrary code, access all cluster secrets across namespaces, and potentially lead to complete cluster takeover.

Mitigation / How do I stay secure?

The ASD’s ACSC recommends businesses, organisations, and government entities:

  • Review the advice and monitor the guidance in the official Kubernetes maintainers’ Ingress-NGINX GitHub repository (Kubernetes - Ingress-NGINX Releases).
  • Update to the latest version of Ingress-NGINX Controller.
  • Ensure the admission webhook endpoint is not exposed externally.
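The two checks above (is the running controller at or above the fixed release, and is the admission webhook reachable from outside the cluster?) can be triaged offline from output already pulled with kubectl. The following is an added example, not ACSC or Kubernetes project code; it assumes you have captured the controller image tag and a `kubectl get svc -A -o json` listing, and it uses the fixed versions stated in this alert (1.12.1 and 1.11.5). Its treatment of other minor branches and its name-based matching of the admission Service are assumptions labelled in the code.

```python
"""Triage helpers for the Ingress-NGINX Controller advisory.

Added example, not ACSC or Kubernetes project code. It assumes you have
already captured two things from the cluster:

  * the controller image tag, e.g. from
    kubectl -n ingress-nginx get deploy ingress-nginx-controller \
        -o jsonpath='{.spec.template.spec.containers[*].image}'
  * the Service list as JSON, e.g. kubectl get svc -A -o json

Fixed versions (1.12.1 and 1.11.5) are the ones stated in the alert; the
treatment of other minor branches below is an assumption, not from the alert.
"""
import re
from typing import Dict, List, Tuple

# Fixed versions from the alert, keyed by (major, minor) branch.
FIXED_IN = {(1, 12): (1, 12, 1), (1, 11): (1, 11, 5)}


def parse_version(tag: str) -> Tuple[int, int, int]:
    """Extract major.minor.patch from an image tag such as
    'registry.k8s.io/ingress-nginx/controller:v1.11.3@sha256:...'."""
    m = re.search(r"v?(\d+)\.(\d+)\.(\d+)", tag)
    if not m:
        raise ValueError(f"no semantic version found in {tag!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_patched(tag: str) -> bool:
    """True when the controller version is at or above the fixed release for its branch."""
    ver = parse_version(tag)
    branch = ver[:2]
    if branch in FIXED_IN:
        return ver >= FIXED_IN[branch]
    # Assumption: branches newer than 1.12 carry the fix; older branches are
    # "prior to" both fixed versions and are treated as affected.
    return branch > (1, 12)


def exposed_admission_services(services: List[Dict]) -> List[str]:
    """Return 'namespace/name' of admission-webhook Services reachable from
    outside the cluster (type LoadBalancer or NodePort).

    Matching on a Service name containing 'admission' is a heuristic assumed
    here; the default Helm chart names it ingress-nginx-controller-admission.
    """
    findings = []
    for svc in services:
        meta = svc.get("metadata", {})
        name = meta.get("name", "")
        if "admission" not in name:
            continue
        svc_type = svc.get("spec", {}).get("type", "ClusterIP")
        if svc_type in ("LoadBalancer", "NodePort"):
            findings.append(f"{meta.get('namespace', 'default')}/{name}")
    return findings


# Constructed sample input mimicking the .items of `kubectl get svc -A -o json`.
SAMPLE_SERVICES = [
    {"metadata": {"namespace": "ingress-nginx", "name": "ingress-nginx-controller"},
     "spec": {"type": "LoadBalancer"}},  # public traffic entry point, expected
    {"metadata": {"namespace": "ingress-nginx", "name": "ingress-nginx-controller-admission"},
     "spec": {"type": "NodePort"}},  # misconfigured: webhook reachable on every node
    {"metadata": {"namespace": "staging", "name": "ingress-nginx-controller-admission"},
     "spec": {"type": "ClusterIP"}},  # expected: only reachable from inside the cluster
]

if __name__ == "__main__":
    for tag in ("registry.k8s.io/ingress-nginx/controller:v1.11.3",
                "registry.k8s.io/ingress-nginx/controller:v1.12.1"):
        print(tag, "patched" if is_patched(tag) else "AFFECTED - update")
    for finding in exposed_admission_services(SAMPLE_SERVICES):
        print("admission webhook exposed externally:", finding)
```

The admission webhook only needs to be reachable by the Kubernetes API server, so a ClusterIP Service (and no external route to it) is the expected state; any LoadBalancer or NodePort result from the second function is a finding to correct alongside the version update.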

Further information and details can be found at:

Assistance / Where can I go for help?

Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).
