Critical Chaos Mesh vulnerabilities enable attackers to seize control of Kubernetes clusters.
A series of critical vulnerabilities, collectively known as 'Chaotic Deputy,' have been identified in the popular Cloud Native Computing Foundation (CNCF) chaos engineering platform, Chaos Mesh. These vulnerabilities pose a significant threat to the security of clusters running Chaos Mesh, granting unauthorized access and enabling privilege escalation.
The Chaotic Deputy vulnerabilities consist of four CVEs (CVE-2025-59358, CVE-2025-59359, CVE-2025-59360, and CVE-2025-59361), three of which carry a CVSS score of 9.8, placing them in the critical severity range.
One of the vulnerabilities, CVE-2025-59358, is a missing authentication flaw that grants unauthorized access to the /query endpoint on port 10082. This vulnerability can be exploited to gain access to service account tokens, enabling privilege escalation.
Through the command injection flaws, attackers can also inject arbitrary shell commands via parameters such as device names, process IDs, and iptables chain names. This allows them to execute commands in any pod in the cluster by way of the /proc//root filesystem mounting mechanism and the nsexec binary.
Through exposed APIs, attackers can map pod names to process IDs, providing them with a means to target specific processes. In addition, the Chaos Daemon component runs with privileged permissions in DaemonSet mode, offering attackers extensive cluster access once initial exploitation succeeds.
According to JFrog, which reported the flaws, the primary attack vector is the unauthenticated GraphQL server exposed by the Chaos Controller Manager component. Vulnerable deployments can be identified with kubectl commands, which also confirm whether the GraphQL endpoint is exposed on port 10082.
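The kubectl-based triage mentioned above, as an added example that is not part of the original article or the Chaos Mesh project: a POSIX shell helper that reads pod image lines and flags Chaos Mesh images older than the fixed release 2.7.3 (the fixed version and port 10082 are taken from the article; the image names and pod lines below are constructed sample data, and the tag is assumed to carry the Chaos Mesh version).

```shell
#!/bin/sh
# Added triage helper for the Chaotic Deputy advisory (example code, not from
# the article or the Chaos Mesh project). Assumptions: the fixed release is
# 2.7.3 and the control server listens on TCP 10082, as the article states;
# the image tag carries the Chaos Mesh version; the pod lines are constructed.

# is_vulnerable_version TAG: returns 0 if TAG < 2.7.3, 1 if fixed, 2 if unparseable
is_vulnerable_version() {
    v=${1#v}
    case $v in *.*.*) ;; *.*) v="$v.0" ;; *) v="$v.0.0" ;; esac
    major=${v%%.*}; rest=${v#*.}
    minor=${rest%%.*}; minor=${minor%%[!0-9]*}
    patch=${rest#*.}; patch=${patch%%[!0-9]*}     # strip suffixes such as -rc1
    for n in "$major" "$minor" "$patch"; do
        case $n in ''|*[!0-9]*) return 2 ;; esac
    done
    [ "$major" -lt 2 ] && return 0
    [ "$major" -gt 2 ] && return 1
    [ "$minor" -lt 7 ] && return 0
    [ "$minor" -gt 7 ] && return 1
    [ "$patch" -lt 3 ]
}

# flag_vulnerable_pods: reads "NAMESPACE POD IMAGE" lines (kubectl custom-columns
# format) and reports Chaos Mesh images below 2.7.3 or with an unparseable tag
flag_vulnerable_pods() {
    while read -r ns name image; do
        case $image in */chaos-mesh/*) ;; *) continue ;; esac
        tag=${image##*:}
        is_vulnerable_version "$tag" && rc=0 || rc=$?
        case $rc in
            0) printf '%s %s %s VULNERABLE\n' "$ns" "$name" "$image" ;;
            2) printf '%s %s %s VERSION-UNKNOWN\n' "$ns" "$name" "$image" ;;
        esac
    done
}

# Constructed sample of:
#   kubectl get pods -A --no-headers -o custom-columns='NS:.metadata.namespace,NAME:.metadata.name,IMAGE:.spec.containers[*].image'
SAMPLE_PODS='chaos-mesh chaos-controller-manager-7d9f ghcr.io/chaos-mesh/chaos-mesh:v2.6.2
chaos-mesh chaos-daemon-x2k9 ghcr.io/chaos-mesh/chaos-daemon:v2.6.2
staging chaos-controller-manager-5b1c ghcr.io/chaos-mesh/chaos-mesh:v2.7.3
dev chaos-controller-manager-9a0e ghcr.io/chaos-mesh/chaos-mesh:latest
kube-system coredns-6f4b registry.k8s.io/coredns/coredns:v1.11.1'

printf '%s\n' "$SAMPLE_PODS" | flag_vulnerable_pods
# Against a live cluster, pipe the kubectl command above into flag_vulnerable_pods,
# then list services that publish the control-server port:
#   kubectl get svc -A -o wide | grep 10082
```

Pods reported as VERSION-UNKNOWN (for example a floating tag like latest) need a manual check of the running binary's version before they are treated as patched.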
Organizations using Chaos Mesh are strongly advised to upgrade to version 2.7.3 immediately or disable the control server as a temporary workaround. Failure to address these vulnerabilities could result in complete cluster compromise.
It is essential for users of Chaos Mesh to be vigilant and proactive in securing their clusters. By promptly addressing these vulnerabilities, organizations can mitigate the risks associated with the Chaotic Deputy vulnerabilities and ensure the continued security of their systems.