Critical vulnerabilities have been identified in Chaos Mesh, a popular Cloud Native Computing Foundation chaos engineering platform used for fault injection testing in Kubernetes environments.
The security flaws, collectively dubbed “Chaotic Deputy,” comprise four CVEs that allow full cluster compromise through relatively simple exploitation techniques.
Key Takeaways
1. “Chaotic Deputy” in Chaos Mesh
2. Attackers exploit port 10082 and Chaos Daemon to hijack pods and steal tokens.
3. Upgrade or disable the control server.
The vulnerability set consists of CVE-2025-59358, CVE-2025-59359, CVE-2025-59360, and CVE-2025-59361, with three of them carrying critical CVSS 9.8 severity scores.
These vulnerabilities affect Chaos Mesh versions prior to 2.7.3 and can be exploited by attackers with initial network access to the Kubernetes cluster, even when running inside unprivileged pods.
Chaos Mesh Vulnerabilities
JFrog reports that the primary attack vector involves exploiting an unauthenticated GraphQL server exposed by the Chaos Controller Manager component.
CVE-2025-59358 represents a missing authentication flaw that allows unauthorized access to the /query endpoint on port 10082.
This GraphQL interface, intended as a debugging tool, operates without proper authentication controls in default configurations.
The remaining three CVEs involve OS command injection vulnerabilities within GraphQL mutations, including cleanTcs, killProcesses, and cleanIptables.
These mutations directly concatenate user input into command execution functions, allowing attackers to inject arbitrary shell commands through parameters such as device names, process IDs, and iptables chains.
Attackers can exploit these command injection flaws to run the tc qdisc del dev [DEVICE] root, kill [PIDS], and iptables -F [CHAIN] commands with malicious payloads.
The vulnerable code paths sink directly into the ExecBypass method, which executes commands on target pods without proper input sanitization.
The Chaos Daemon component runs with privileged permissions in DaemonSet mode, providing attackers with extensive cluster access once initial exploitation succeeds.
Through the /proc//root filesystem mounting mechanism and the nsexec binary, attackers can execute arbitrary commands on any pod within the cluster.
Complete cluster takeover
The attack progression involves mapping pod names to process IDs through exposed APIs, then leveraging the proc filesystem to access service account tokens located at /proc//root/var/run/secrets/kubernetes.io/serviceaccount/token.
This technique enables privilege escalation by stealing tokens from high-privilege service accounts.
| CVE | Title | Impact | CVSS 3.1 Score | Severity |
|---|---|---|---|---|
| CVE-2025-59358 | Missing authentication (DoS) | Unauthorized access to GraphQL server, causing cluster-wide DoS | 7.5 | High |
| CVE-2025-59359 | OS command injection in cleanTcs | Arbitrary shell command execution on pods | 9.8 | Critical |
| CVE-2025-59360 | OS command injection in killProcesses | Arbitrary shell command execution on pods | 9.8 | Critical |
| CVE-2025-59361 | OS command injection in cleanIptables | Arbitrary shell command execution on pods | 9.8 | Critical |
Organizations using Chaos Mesh should immediately upgrade to version 2.7.3 or apply the temporary workaround of disabling the control server using helm install chaos-mesh chaos-mesh/chaos-mesh -n=chaos-mesh --version 2.7.x --set enableCtrlServer=false.
Detection can be performed using kubectl commands to identify vulnerable deployments and confirm the presence of the exposed GraphQL endpoint on port 10082.
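As an added example (not from the article or from the Chaos Mesh project), the following Python triage script parses the JSON that `kubectl get deploy -A -o json` produces and flags Chaos Mesh deployments that are older than 2.7.3 or still declare the control server port 10082. It assumes the version can be read from the image tag and that a declared containerPort 10082 means the control server is enabled; the sample input is constructed.

```python
import json
import re

FIXED_VERSION = (2, 7, 3)   # first release that closes the Chaotic Deputy CVEs
CTRL_SERVER_PORT = 10082    # GraphQL debug server of chaos-controller-manager

# Constructed sample in the shape of `kubectl get deploy -A -o json` (not real cluster output).
SAMPLE_KUBECTL_JSON = json.dumps({"items": [
    {"metadata": {"namespace": "chaos-mesh", "name": "chaos-controller-manager"},
     "spec": {"template": {"spec": {"containers": [
         {"name": "chaos-mesh", "image": "ghcr.io/chaos-mesh/chaos-mesh:v2.6.3",
          "ports": [{"containerPort": 10080}, {"containerPort": 10082}]}]}}}},
    {"metadata": {"namespace": "chaos-mesh", "name": "chaos-dashboard"},
     "spec": {"template": {"spec": {"containers": [
         {"name": "chaos-dashboard", "image": "ghcr.io/chaos-mesh/chaos-dashboard:v2.7.3",
          "ports": [{"containerPort": 2333}]}]}}}},
]})


def parse_version(tag):
    """Return (major, minor, patch) from a tag like 'v2.6.3', or None for non-release tags."""
    m = re.match(r"^v?(\d+)\.(\d+)\.(\d+)", tag)
    return tuple(int(x) for x in m.groups()) if m else None


def assess_deployments(kubectl_json):
    """Flag Chaos Mesh deployments that are pre-2.7.3 or still declare port 10082."""
    # Assumption (not from the advisory): version comes from the image tag, and the control
    # server counts as enabled when a container declares containerPort 10082.
    findings = []
    for dep in json.loads(kubectl_json).get("items", []):
        meta = dep["metadata"]
        for c in dep["spec"]["template"]["spec"].get("containers", []):
            repo, _, tag = c["image"].rpartition(":")
            if "/" in tag:  # "registry:5000/img" has no tag; the colon was the registry port
                repo, tag = c["image"], ""
            if "chaos-mesh" not in repo:
                continue
            version = parse_version(tag)
            outdated = version is None or version < FIXED_VERSION  # unknown tag: needs review
            exposed = any(p.get("containerPort") == CTRL_SERVER_PORT for p in c.get("ports", []))
            findings.append({
                "namespace": meta["namespace"], "name": meta["name"], "image": c["image"],
                "outdated": outdated, "ctrl_server_exposed": exposed,
                # The unauthenticated GraphQL path needs both an old build and the open port.
                "at_risk": outdated and exposed,
            })
    return findings
```

Save the real output of `kubectl get deploy -A -o json` to a file and pass its contents to `assess_deployments` to triage a live cluster; a finding with `at_risk` set should be upgraded or have the control server disabled as described above.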