PatchSiren cyber security CVE debrief
CVE-2026-54100 Red Hat CVE debrief
CVE-2026-54100 is a high-severity flaw in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. The issue allows an adjacent-network attacker to intercept or redirect WMCO's SSH session and capture credentials, potentially compromising Windows node identities. The CVSS score is 8.3, indicating a high level of severity. The vulnerability was published on June 22, 2026.
- Vendor: Red Hat
- Product: Red Hat OpenShift Container Platform 4
- CVSS: HIGH 8.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-22
- Original CVE updated: 2026-06-22
- Advisory published: 2026-06-22
- Advisory updated: 2026-06-22
Who should care
Defenders of Red Hat OpenShift Container Platform environments with Windows worker nodes should prioritize this vulnerability. Security teams responsible for OpenShift clusters, especially those with Windows nodes, need to assess their exposure and take mitigation steps. This vulnerability could allow attackers to gain unauthorized access to Windows nodes in the cluster.
Technical summary
The Windows Machine Config Operator (WMCO) establishes SSH connections to Windows worker nodes without verifying the remote server host key. This flaw enables an adjacent-network attacker to intercept or redirect WMCO's SSH session, potentially capturing WICD and kubelet bootstrap credentials. These credentials are transferred during node configuration and could allow the attacker to compromise Windows node identities in the cluster. The vulnerability is classified under CWE-295.
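Added example (not WMCO's or Red Hat's code): the host key decision a Go SSH client has to make before node credentials cross the connection, with an accept-any check beside a fail-closed pin check. The pin layout, node address, key bytes and all function names are constructed for illustration; in golang.org/x/crypto/ssh this logic belongs in ClientConfig.HostKeyCallback.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// Constructed pin in known_hosts layout; the key blob is placeholder bytes, not a real key.
const samplePins = "10.0.0.5:22 ssh-ed25519 Y29uc3RydWN0ZWQta2V5LWJsb2I="
var ErrUnknownHost = errors.New("no pinned host key for this node")
var ErrKeyMismatch = errors.New("presented host key differs from pinned key")

type PinnedHosts map[string][32]byte // "host:port" -> SHA-256 of the expected key blob

// LoadPins parses lines of the form "<host:port> <key type> <base64 key blob>".
func LoadPins(data string) (PinnedHosts, error) {
	pins := PinnedHosts{}
	for _, line := range strings.Split(strings.TrimSpace(data), "\n") {
		f := strings.Fields(line)
		if len(f) != 3 {
			return nil, fmt.Errorf("malformed pin line %q", line)
		}
		blob, err := base64.StdEncoding.DecodeString(f[2])
		if err != nil {
			return nil, fmt.Errorf("pin for %s: %w", f[0], err)
		}
		pins[f[0]] = sha256.Sum256(blob)
	}
	return pins, nil
}

// AcceptAny is the CWE-295 pattern: every presented key passes, so any endpoint is trusted.
func AcceptAny(host string, presented []byte) error { return nil }

// Verify fails closed: unknown hosts and changed keys abort before credentials are sent.
func (p PinnedHosts) Verify(host string, presented []byte) error {
	want, ok := p[host]
	if !ok {
		return ErrUnknownHost
	}
	if sha256.Sum256(presented) != want {
		return ErrKeyMismatch
	}
	return nil
}

func main() { fmt.Println(PinnedHosts{}.Verify("10.0.0.5:22", nil)) }
```

The pin has to reach the client over a channel other than the SSH connection it protects, otherwise the check only confirms whatever key was presented first.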
Defensive priority
High priority due to potential for credential capture and node compromise in OpenShift clusters with Windows nodes.
Recommended defensive actions
- Review and update WMCO configurations to ensure proper SSH host key verification.
- Implement network controls to prevent adjacent-network attackers from intercepting SSH sessions.
- Monitor SSH connections and credential usage for anomalies.
- Apply patches or updates provided by Red Hat to address this vulnerability.
- Conduct regular security audits of OpenShift cluster configurations.
Evidence notes
The primary evidence for this vulnerability comes from the CVE record and references provided by Red Hat. The CVE-2026-54100 record indicates a high-severity flaw in WMCO for Red Hat OpenShift Container Platform. Because the stored evidence is limited, defenders should consult the official CVE record and Red Hat security advisories for detailed information. Affected products include Red Hat OpenShift Container Platform with Windows worker nodes. Defenders should verify their OpenShift cluster configurations and WMCO settings.
Official resources
This article is AI-assisted and based on the supplied source corpus.