Operator SDK <0.15.2 RCE via insecure user_setup /etc/passwd
CVE-2025-7195 Published on August 7, 2025

Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. In affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2025-7195 can be exploited with local system access, and requires user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a high impact on integrity, and a small impact on availability.

Attack Vector:
LOCAL
Attack Complexity:
HIGH
Privileges Required:
HIGH
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
HIGH
Availability Impact:
LOW

Timeline

Reported to Red Hat.

Made public. 34 days later.

Weakness Type

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.


Products Associated with CVE-2025-7195

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-7195 are published in these products:

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Affected Versions

operator-framework operator-sdk: Red Hat RHEL-9-CNV-4.17: Red Hat RHEL-9-CNV-4.18: Red Hat RHEL-9-CNV-4.20: Red Hat Compliance Operator 1: Red Hat Compliance Operator 1: Red Hat File Integrity Operator 1: Red Hat multicluster engine for Kubernetes 2.6: Red Hat multicluster engine for Kubernetes 2.6: Red Hat multicluster engine for Kubernetes 2.6: Red Hat multicluster engine for Kubernetes 2.6: Red Hat multicluster engine for Kubernetes 2.6: Red Hat multicluster engine for Kubernetes 2.6: Red Hat multicluster engine for Kubernetes 2.6: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.7: Red Hat multicluster engine for Kubernetes 2.8: Red Hat multicluster engine for Kubernetes 2.8: Red Hat multicluster engine for Kubernetes 2.8: Red Hat multicluster engine for Kubernetes 2.8: Red Hat multicluster engine for Kubernetes 2.8: Red Hat multicluster engine for Kubernetes 2.8: Red Hat multicluster engine for Kubernetes 2.8: Red Hat multicluster engine for Kubernetes 2.8: Red Hat multicluster engine for Kubernetes 2.9: Red Hat multicluster engine for Kubernetes 2.9: Red Hat multicluster engine for Kubernetes 2.9: Red Hat multicluster engine for Kubernetes 2.9: Red Hat multicluster engine for Kubernetes 2.9: Red Hat multicluster engine for Kubernetes 2.9: Red Hat multicluster engine for Kubernetes 2.9: Red Hat multicluster engine for Kubernetes 2.9: Red Hat Advanced Cluster Management for Kubernetes 2.11: Red Hat Advanced Cluster Management for Kubernetes 2.11: Red Hat Advanced Cluster Management for Kubernetes 2.11: Red Hat Advanced Cluster Management for Kubernetes 2.11: Red Hat Advanced Cluster Management for Kubernetes 2.12: Red Hat Advanced Cluster Management for Kubernetes 2.12: Red Hat Advanced Cluster Management for Kubernetes 2.12: Red Hat Advanced Cluster Management for Kubernetes 2.12: Red Hat Advanced Cluster Management for Kubernetes 2.12: Red Hat Advanced Cluster Management for Kubernetes 2.12: Red Hat Advanced Cluster Management for Kubernetes 2.12: Red Hat Advanced Cluster Management for Kubernetes 2.13: Red Hat Advanced Cluster Management for Kubernetes 2.13: Red Hat Advanced Cluster Management for Kubernetes 2.13: Red Hat Advanced Cluster Management for Kubernetes 2.13: Red Hat Advanced Cluster Management for Kubernetes 2.13: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Advanced Cluster Management for Kubernetes 2.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.14: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.15: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.16: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.17: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Openshift Data Foundation 4.18: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Engine for Kubernetes: Red Hat Multicluster Global Hub: Red Hat Multicluster Global Hub: Red Hat Multicluster Global Hub: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Management for Kubernetes 2: Red Hat Advanced Cluster Security 4: Red Hat build of Apicurio Registry 2: Red Hat build of Apicurio Registry 3: Red Hat Fuse 7: Red Hat OpenShift Container Platform 4: Red Hat OpenShift Container Platform 4: Red Hat OpenShift Container Platform 4: Red Hat OpenShift Container Platform 4: Red Hat OpenShift Container Platform 4: Red Hat OpenShift Container Platform 4: Red Hat OpenShift Virtualization 4: Red Hat OpenShift Virtualization 4: Red Hat OpenShift Virtualization 4: Red Hat OpenShift Virtualization 4: Red Hat OpenShift Virtualization 4: Red Hat OpenShift Virtualization 4: Red Hat OpenShift Virtualization 4: Red Hat Web Terminal: Red Hat Web Terminal:

Exploit Probability

EPSS
0.00%
Percentile
0.17%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.