An ‘IngressNightmare’ haunts Kubernetes clusters

A ‘nightmare’ is how Wiz describes multiple critical vulnerabilities discovered in the Ingress NGINX Controller for Kubernetes. These security flaws allow unauthorized access to all secrets in a Kubernetes cluster, making it possible to take the cluster over completely.

The vulnerabilities, including CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, have been given a CVSS score of 9.8. According to the researchers, no less than 43 percent of all cloud environments are vulnerable to these attacks, with more than 6,500 clusters at immediate risk because they publicly expose the vulnerable admission controllers. Several Fortune 500 companies are also currently running clusters that are vulnerable and accessible via the public internet.

What is Ingress NGINX Controller?

Ingress NGINX Controller is one of the most popular ingress controllers for Kubernetes and a core project within the Kubernetes ecosystem. It has over 18,000 stars on GitHub. The controller acts as a gateway for incoming traffic to Kubernetes applications and routes this traffic to the correct services and pods based on defined rules. Wiz research shows that more than 41 percent of all internet-facing Kubernetes clusters use Ingress NGINX.

The vulnerability in detail

The core of the problem lies in the admission controller component of Ingress NGINX. This component validates incoming ingress objects before they are applied to the cluster. By default, admission controllers are reachable over the network without authentication, which makes them an attractive target for attackers.

When the Ingress NGINX admission controller processes an ingress object, it builds an NGINX configuration and validates it using the NGINX binary. The researchers discovered that it is possible to inject arbitrary NGINX configurations during this phase by sending a malicious ingress object directly to the admission controller.

During the configuration validation phase, the injected NGINX configuration causes the NGINX validator to execute code, which enables remote code execution (RCE) on the Ingress NGINX Controller pod. The elevated privileges and unrestricted network access of the admission controller create “a critical escalation path,” as Wiz points out. By exploiting this vulnerability, an attacker can execute arbitrary code and gain access to all cluster secrets, which can lead to complete takeover of the cluster.

Mitigation and detection

The vulnerability has been resolved in Ingress NGINX Controller versions 1.12.1 and 1.11.5. Administrators are strongly advised to update to these versions as soon as possible and to ensure that the admission webhook endpoint is not exposed externally.

If an immediate update is not possible (for example, because critical workloads are running on a particular cluster), organizations can enforce strict network policies so that only the Kubernetes API server can reach the admission controller, or temporarily disable the admission controller component. Since business-critical workloads should already be better protected than their conventional counterparts, we must assume (and hope) that the majority of potentially vulnerable clusters are already well protected.
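The first step of the mitigation above is an inventory: which controller deployments in the fleet are still below the fixed releases? The following script is an added example written for this article, not code from Wiz or the ingress-nginx project. It parses a table of deployments and container images in the shape `kubectl get deploy -A -o custom-columns=...` would print (the sample rows here are constructed, not real cluster data), extracts the controller version from the image tag, and compares it against the two fixed releases named in the article. Release lines older than 1.11 have no fixed version listed on the page, so the script treats them as needing an upgrade; that choice, like the image-name pattern, is an assumption of the example.

```python
"""Triage helper: flag ingress-nginx controller deployments still running a
release older than the fixed versions named in the article
(1.12.1 for the 1.12 line, 1.11.5 for the 1.11 line)."""

import re

# Fixed releases as stated in the article, keyed by (major, minor) line.
FIXED_VERSIONS = {(1, 12): (1, 12, 1), (1, 11): (1, 11, 5)}

# Matches the upstream controller image name (and its -chroot variant);
# the pattern is an assumption of this example, adjust for mirrored registries.
IMAGE_RE = re.compile(r"ingress-nginx/controller(?:-chroot)?:v(\d+)\.(\d+)\.(\d+)")


def parse_version(image: str):
    """Return (major, minor, patch) for an ingress-nginx controller image, else None."""
    m = IMAGE_RE.search(image)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def is_patched(version) -> bool:
    """True when the version is at or above the fixed release for its line.

    Lines older than 1.11 have no fixed release on the page, so they are
    treated as unpatched (assumption: upgrade to a fixed line). Lines newer
    than the newest fixed line are assumed to carry the fix.
    """
    major, minor, _ = version
    line = (major, minor)
    if line in FIXED_VERSIONS:
        return version >= FIXED_VERSIONS[line]
    return line > max(FIXED_VERSIONS)


def triage(kubectl_output: str):
    """Return (namespace, name, image, status) for each controller deployment found."""
    results = []
    for line in kubectl_output.strip().splitlines()[1:]:  # skip the header row
        ns, name, images = line.split(maxsplit=2)
        for image in images.split(","):  # multi-container pods list images comma-separated
            version = parse_version(image)
            if version is None:
                continue  # not an ingress-nginx controller image
            status = "patched" if is_patched(version) else "UPGRADE REQUIRED"
            results.append((ns, name, image, status))
    return results


# Constructed sample, mimicking:
#   kubectl get deploy -A -o custom-columns=NS:.metadata.namespace,\
#     NAME:.metadata.name,IMAGE:.spec.template.spec.containers[*].image
SAMPLE = """\
NS              NAME                        IMAGE
ingress-nginx   ingress-nginx-controller    registry.k8s.io/ingress-nginx/controller:v1.12.0
edge            ingress-nginx-controller    registry.k8s.io/ingress-nginx/controller-chroot:v1.11.5
legacy          ingress-nginx-controller    registry.k8s.io/ingress-nginx/controller:v1.10.1
default         web                         nginx:1.27
"""

if __name__ == "__main__":
    for ns, name, image, status in triage(SAMPLE):
        print(f"{ns}/{name}: {image} -> {status}")
```

In practice the `SAMPLE` string is replaced by the real `kubectl` output piped in from the cluster; the version comparison is deliberately tuple-based so that 1.12.0 is correctly ranked below 1.12.1 and 1.11.5 is not mistaken for a newer release than 1.12.0.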

Kubernetes is not inherently safe or secure by design. As the top 10 vulnerabilities identified by OWASP show, things can go wrong in all kinds of ways for organizations. The top 10 already pointed to risks such as misconfigured cluster components and vulnerable authentication mechanisms.

Discovery by Wiz Research

Wiz discovered these vulnerabilities while researching Kubernetes Admission Controllers. These controllers form an often overlooked attack surface in Kubernetes environments because they often operate without authentication and run with relatively high privileges within the cluster. It is easy to guess why ‘IngressNightmare’ is so named; system administrators who do not solve these problems risk sleepless nights.

The researchers discovered multiple ways to inject new directives into the code responsible for generating temporary NGINX configuration files. By then using the ssl_engine directive, they could load arbitrary shared libraries during the NGINX configuration test phase, resulting in RCE.

Wiz often publishes findings via its own Research team, but the company itself has been making headlines by other means. Google’s parent company Alphabet is buying it for 32 billion dollars, assuming regulatory hurdles are cleared.
