Recent analyses have uncovered significant security flaws in Chaos Mesh, a widely utilized chaos engineering platform within Kubernetes environments. These vulnerabilities, collectively termed Chaotic Deputy, encompass four distinct CVEs that, if exploited, could lead to full cluster compromise through relatively straightforward attack methods.
Key Points:
1. Chaotic Deputy vulnerabilities in Chaos Mesh versions prior to 2.7.3 permit unauthenticated GraphQL access and command injection.
2. Attackers can exploit port 10082 and the Chaos Daemon to hijack pods and extract tokens.
3. Immediate upgrading or disabling of the control server is recommended.
Detailed Analysis:
The identified vulnerabilities are cataloged as CVE-2025-59358, CVE-2025-59359, CVE-2025-59360, and CVE-2025-59361. Notably, three of these carry critical severity ratings with a CVSS score of 9.8. These flaws affect Chaos Mesh versions earlier than 2.7.3 and can be exploited by attackers who have initial network access to the Kubernetes cluster, even from unprivileged pods.
Specific Vulnerabilities:
– CVE-2025-59358: This vulnerability arises from the absence of authentication mechanisms, allowing unauthorized access to the `/query` endpoint on port 10082. This GraphQL interface, intended for debugging, lacks proper authentication controls in its default configuration.
– CVE-2025-59359, CVE-2025-59360, CVE-2025-59361: These involve OS command injection vulnerabilities within GraphQL mutations such as `cleanTcs`, `killProcesses`, and `cleanIptables`. User inputs are directly concatenated into command execution functions, enabling attackers to inject arbitrary shell commands through parameters like device names, process IDs, and iptables chains.
Exploitation Techniques:
Attackers can leverage these command injection flaws to execute commands like `tc qdisc del dev [DEVICE] root`, `kill [PIDS]`, and `iptables -F [CHAIN]` with malicious payloads. The vulnerable code paths lead directly to the `ExecBypass` method, which executes commands on target pods without proper input sanitization.
The Chaos Daemon component operates with privileged permissions in DaemonSet mode, granting attackers extensive cluster access upon successful exploitation. By utilizing the `/proc/
Attack Progression:
The attack sequence involves mapping pod names to process IDs through exposed APIs, then accessing the proc filesystem to retrieve service account tokens located at `/proc/
Vulnerability Summary:
| CVE | Title | Impact | CVSS 3.1 Score | Severity |
|—————–|—————————————-|—————————————————————|—————-|———-|
| CVE-2025-59358 | Missing authentication (DoS) | Unauthorized access to GraphQL server, causing cluster-wide DoS | 7.5 | High |
| CVE-2025-59359 | OS command injection in `cleanTcs` | Arbitrary shell command execution on pods | 9.8 | Critical |
| CVE-2025-59360 | OS command injection in `killProcesses`| Arbitrary shell command execution on pods | 9.8 | Critical |
| CVE-2025-59361 | OS command injection in `cleanIptables`| Arbitrary shell command execution on pods | 9.8 | Critical |
Recommendations:
Organizations utilizing Chaos Mesh should take immediate action:
– Upgrade: Update to version 2.7.3 to address these vulnerabilities.
– Temporary Workaround: Disable the control server by executing:
“`
helm install chaos-mesh chaos-mesh/chaos-mesh -n=chaos-mesh –version 2.7.x –set enableCtrlServer=false
“`
Detection Measures:
Administrators can use `kubectl` commands to identify vulnerable deployments and confirm the presence of the exposed GraphQL endpoint on port 10082.
Conclusion:
The Chaotic Deputy vulnerabilities in Chaos Mesh pose a significant risk to Kubernetes clusters, potentially leading to full cluster compromise. Prompt upgrading to the latest version or implementing the recommended workaround is essential to mitigate these risks.
