What are the Chaos Mesh 'Chaotic Deputy' vulnerabilities?

Frog Security Research has reported multiple critical vulnerabilities in Chaos Mesh, collectively dubbed 'Chaotic Deputy.' These vulnerabilities can be exploited by attackers with minimal cluster access to achieve cluster takeover and execute arbitrary code across all pods in Kubernetes environments.

What is Chaos Mesh and why is it important?

Chaos Mesh is a popular open-source chaos engineering platform for Kubernetes environments and a Cloud Native Computing Foundation project. It provides fault simulation capabilities for Kubernetes clusters, helping teams test system resiliency by intentionally introducing controlled failures.

What are the specific CVEs in the Chaos Mesh vulnerabilities?

Four CVEs were identified: CVE-2025-59359, CVE-2025-59360, and CVE-2025-59361 (all CVSS 9.8) are OS command injection vulnerabilities in cleanTcs, killProcesses, and cleanIptables mutations respectively. CVE-2025-59358 (CVSS 7.5) is a missing authentication vulnerability exposing a GraphQL debugging server.

How severe are the Chaos Mesh OS command injection vulnerabilities?

The three OS command injection vulnerabilities (CVE-2025-59359, CVE-2025-59360, CVE-2025-59361) all have critical CVSS scores of 9.8. They affect the cleanTcs, killProcesses, and cleanIptables mutations in Chaos Controller Manager, allowing attackers to inject and execute arbitrary operating system commands.

What is the missing authentication vulnerability in Chaos Mesh?

CVE-2025-59358 (CVSS 7.5) is a missing authentication vulnerability where Chaos Controller Manager exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster. This provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial-of-service.

Which versions of Chaos Mesh are affected by these vulnerabilities?

All versions of Chaos Mesh prior to version 2.7.3 are affected by these vulnerabilities. The vulnerabilities stem from improper input sanitization in fault injection mechanisms designed for testing system resiliency.

How can attackers exploit the Chaos Mesh vulnerabilities?

An in-cluster attacker with initial access to the cluster's network can chain the command injection vulnerabilities (CVE-2025-59359, CVE-2025-59360, CVE-2025-59361) with the authentication bypass (CVE-2025-59358) to perform remote code execution across the cluster, even in Chaos Mesh's default configuration.

Are cloud providers affected by the Chaos Mesh vulnerabilities?

Yes, some cloud infrastructure providers that offer Chaos Mesh implementations as part of their managed Kubernetes services are also impacted, including Azure Chaos Studio. The platform's design inherently grants dangerous API privileges to certain pods, making vulnerability exploitation particularly severe.

How can organizations fix the Chaos Mesh vulnerabilities?

Organizations should immediately upgrade Chaos Mesh to version 2.7.3 or later, which contains fixes for all identified vulnerabilities. For those unable to upgrade immediately, a workaround is available by redeploying the Helm chart with the GraphQL server port disabled using: `helm install chaos-mesh chaos-mesh/chaos-mesh -n=chaos-mesh --version 2.7.x --set enableCtrlServer=false`.

What makes the Chaos Mesh vulnerabilities particularly dangerous?

The vulnerabilities are particularly dangerous because they allow cluster takeover with minimal initial access, can be chained together for maximum impact, affect a widely-used chaos engineering platform, enable arbitrary code execution across all pods, and exploit the platform's inherently privileged design that grants dangerous API access to certain pods.

Advisory

Critical vulnerabilities reported in Chaos Mesh tool for Kubernetes Clusters

published: Sept. 16, 2025

Take action: If you're using Chaos Mesh for Kubernetes chaos engineering, immediately upgrade to version 2.7.3 or later. There are vulnerabilities that allow attackers to take over your entire cluster. If you can't upgrade redeploy with the GraphQL server disabled.

Learn More

Frog Security Research is reporting multiple critical vulnerabilities in Chaos Mesh, a popular open-source chaos engineering platform for Kubernetes environments. The vulnerabilities, collectively dubbed "Chaotic Deputy," can be exploited by attackers with minimal cluster access to achieve cluster takeover and execute arbitrary code across all pods.

Chaos Mesh is a Cloud Native Computing Foundation project that provides fault simulation capabilities for Kubernetes clusters.

Vulnerabilities summary

CVE-2025-59359 (CVSS score 9.8) - OS Command Injection). The cleanTcs mutation in Chaos Controller Manager is vulnerable to operating system command injection
CVE-2025-59360 (CVSS score 9.8) - OS Command Injection. The killProcesses mutation in Chaos Controller Manager is vulnerable to operating system command injection
CVE-2025-59361 (CVSS score 9.8) - OS Command Injection. The cleanIptables mutation in Chaos Controller Manager is vulnerable to operating system command injection
CVE-2025-59358 (CVSS score 7.5) - Missing Authentication. The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial-of-service

An in-cluster attacker, i.e., a threat actor with initial access to the cluster's network, could chain CVE-2025-59359, CVE-2025-59360, CVE-2025-59361, or with CVE-2025-59358 to perform remote code execution across the cluster, even in the default configuration of Chaos Mesh

Versions that are affected include all versions of Chaos Mesh prior to 2.7.3. JFrog tied the vulnerabilities to cleanTcs, (a fault injection for testing system resiliency) that did not properly sanitize user input.

Some cloud infrastructure providers that offer Chaos-Mesh implementations as part of their managed Kubernetes Services, such as Azure Chaos Studio, are also impacted. The platform's design inherently grants dangerous API privileges to certain pods, making vulnerability exploitation particularly severe.

Versions that are not affected include Chaos Mesh version 2.7.3 and later releases, which contain fixes for all identified vulnerabilities.

Users of Chaos-Mesh are recommended to upgrade Chaos-Mesh to the fixed version – 2.7.3, as soon as possible. For organizations unable to immediately upgrade, a workaround is available by redeploying the Helm chart with the chaosctl tool and GraphQL server port disabled using the command: helm install chaos-mesh chaos-mesh/chaos-mesh -n=chaos-mesh --version 2.7.x --set enableCtrlServer=false.

Critical vulnerabilities reported in Chaos Mesh tool for Kubernetes Clusters

Read More
Gitlab reports unauthorized pipeline execution flaw, urges patching …
Critical Sudo vulnerabilities enable local privilege escalation to …
Italian cloud provider Westpole impacted by ransomware attack, …
Mirai Botnet variant exploits TBK DVR Devices flaw
VMware reports critical vulnerability in vCenter