<h1>Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution</h1>
<p>Published 2025-09-18 by henry</p>
<p>Multiple CVEs in the Chaos-Mesh platform have been discovered, including three critical vulnerabilities that allow in-cluster attackers to run arbitrary code on any pod, even in the default configuration.</p>
<p>According to new research by JFrog Security Research, the flaws are tracked as CVE-2025-59358, CVE-2025-59360, CVE-2025-59361 and CVE-2025-59359. They affect the Chaos Controller Manager and expose a GraphQL debug server that accepts unauthenticated queries.</p>
<p>JFrog’s analysis, published on Tuesday, shows the controller exposes a ClusterIP GraphQL endpoint on port 10082 that, by default, does not enforce authentication for the /query path. A ClusterIP service is reachable only from inside the cluster network, which is why exploitation requires an in-cluster foothold rather than direct internet exposure.</p>
<p>Attackers with network access inside a cluster can call GraphQL mutations to trigger native fault injections, such as killing processes and modifying iptables.</p>
<p>“Platforms such as Chaos-Mesh give, by design, complete control of the Kubernetes cluster to the platform,” said Shachar Menashe, VP of security research at JFrog.</p>
<p>“This flexibility can become a critical risk when vulnerabilities such as Chaotic Deputy are discovered.”</p>
<p>The three critical CVEs (CVE-2025-59360, CVE-2025-59361 and CVE-2025-59359) each have a CVSS score of 9.8 and allow straightforward OS command injection because user input is concatenated directly into shell commands executed via the platform’s ExecBypass routine.</p>
<h2>How Attackers Can Exploit Chaotic Deputy</h2>
<p>The Controller Manager can instruct the Chaos Daemon to run commands on other pods.</p>
<p>Using exposed namespaces under /proc//root and the nsexec helper, an attacker can copy service account tokens from target pods into their own pod, thereby escalating privileges cluster-wide.</p>
<p>Demonstrations include executing a killProcesses mutation against kube-apiserver and copying tokens via a crafted cleanTcs request. Managed offerings that integrate Chaos-Mesh, such as Azure Chaos Studio, may also be affected.</p>
<p>Key affected elements include:</p>
<ul>
<li>Exposed GraphQL /query endpoint on port 10082</li>
<li>Command-building in the cleanTcs, killProcesses and cleanIptables resolvers</li>
<li>Ability to access other pods’ files via /proc-based nsexec</li>
</ul>
<h2>Patches, Workarounds and Security Response</h2>
<p>Users are urged to upgrade to Chaos-Mesh 2.7.3 immediately.</p>
<p>“We recommend that Chaos-Mesh users upgrade swiftly since these vulnerabilities are extremely easy to exploit and lead to total cluster takeover,” Menashe added.</p>
<p>“We also want to offer our thanks to the Chaos-Mesh maintainers for their rapid response and collaboration in addressing these critical security issues.”</p>
<p>As a temporary workaround, redeploying the Helm chart with the control server disabled will reduce exposure.</p>
<p>The report concludes that while external exploitation requires cluster network access, in-cluster compromises are common enough to make these vulnerabilities highly dangerous and easy to exploit.</p>