Command injection vulnerability in Kubernetes / Secorion is coming, don’t play hide-and-seek

SDChain
2 min read · Sep 19, 2023


According to a report by security firm Akamai, Kubernetes, the container cluster management system open-sourced by Google, is affected by the high-severity vulnerability CVE-2023-3676, and two additional command injection vulnerabilities, CVE-2023-3955 and CVE-2023-3893, were identified along with it. These vulnerabilities have the same root cause, namely insecure function calls and a lack of user input sanitization. They allow remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster, and they can be exploited on a default installation of Kubernetes. (PANews report)

Kubernetes is a container architecture on Google, basically built around microservice management and deployment in the cloud (especially GCP). In simple terms, CVE-2023-3676 is the discovery of existing backdoor code in K8s that can be exploited, and an update should be available soon to close the vulnerability. This time it was found that SYSTEM permission on Windows lets an attacker "skip levels to fight monsters", so use Secorion to record the log of access to SYSTEM permission and upload it to SDChain as a certificate. Can MIS rely on this certificate to strike back with a "dimensionality reduction" attack? (SDChain report)

SixDomainChain (SDChain) is the world’s first decentralized public blockchain ecosystem that integrates international standards of IoT Six-Domain Model and reference architecture standards for distributed blockchain.
