Chaotic Deputy: Chaos Mesh Critical GraphQL Flaws — Vulnerability Analysis Report By CyberDudeBivash — Kubernetes & Cloud-Native Threat Intelligence

cyberdudebivash.com | cyberbivash.blogspot.com | cryptobivash.code.blog

Executive Summary

Researchers at JFrog Security recently discovered a set of critical vulnerabilities in Chaos Mesh, a popular chaos-engineering platform for Kubernetes. The vulnerabilities (collectively dubbed Chaotic Deputy) include authentication bypass and OS command injection flaws in the GraphQL debugging interface of Chaos Mesh’s Controller Manager. research.jfrog.com+3JFrog+3The Hacker News+3

These flaws allow an adversary with only in-cluster network access (e.g., a compromised pod) to execute arbitrary commands or kill processes across pods—including high-privilege or control plane pods—and potentially take over the entire Kubernetes cluster. Users of Chaos Mesh versions earlier than 2.7.3 are affected. JFrog+2The Hacker News+2

This report from CyberDudeBivash breaks down how these vulnerabilities work, the risk to cloud-native infrastructures, detection methods, patching guidance, and long-term Kubernetes security hardening.

Vulnerability Details & CVEs

Below are the core vulnerabilities disclosed:

CVE	Severity / CVSS*	Description
CVE-2025-59358	High (≈ 7.5)	Missing authentication on Chaos Controller Manager’s GraphQL debugging server. The `/query` endpoint is unauthenticated; allows process termination (killProcesses) — risk of cluster-wide DoS. NVD+2Feedly+2
CVE-2025-59359	Critical (≈ 9.8)	Command injection via `cleanTcs` mutation. Unprivileged attacker can supply arbitrary device names, appended commands to execute on target pods. JFrog+1
CVE-2025-59360	Critical (≈ 9.8)	Similar OS command injection in `killProcesses` mutation. JFrog+1
CVE-2025-59361	Critical (≈ 9.8)	`cleanIptables` mutation command injection. Attackers can flush or modify iptables chains, affecting network traffic inside the cluster. JFrog+1

* CVSS as per JFrog Security / GitHub Advisory / NVD sources. The Hacker News+2NVD+2

Attack Vector & Preconditions

To exploit these vulnerabilities, an attacker needs:

In-cluster network access: an unprivileged pod or attacker inside the Kubernetes network able to reach the Controller Manager’s GraphQL endpoint. JFrog+2The Hacker News+2
The Chaos Mesh Controller Manager with the GraphQL server enabled (default for many installations). JFrog
Access to namespace where Chaos Mesh is installed, or ability to send GraphQL requests to the controller manager.
If OS command injection is successful, further ability to escalate privileges, access service account tokens, or access nodes/pod file systems. JFrog+1

Potential Impacts

Full cluster compromise: Attackers could use the exposed GraphQL mutations to kill critical pods (control plane components, API server, etc.), exfiltrate sensitive secrets/data, or use service account tokens to move laterally.
Denial of Service (DoS): Simply killing essential process pods can take down the cluster or degrade service.
Credential / Token Theft: Through OS command injection, service account tokens stored in pod file systems under /var/run/secrets/kubernetes.io/... can be accessed. JFrog+1
Disruption of operations: Chaos Mesh is used in many resilience / chaos-engineering workflows; compromise here could also disrupt deployment pipelines, observability, or monitoring systems.

Affected Versions & Patch Information

Affected: Chaos Mesh versions before 2.7.3 (i.e., up to 2.7.2 and earlier) are vulnerable. JFrog+1
Patched version: 2.7.3 contains fixes for all the Chaotic Deputy vulnerabilities. JFrog+2The Hacker News+2

Detection & Indicators of Compromise (IoCs)

Here are key signals to hunt for:

Network / Pod Information

Pods in the chaos-mesh (or whatever namespace used) running with Controller Manager image version < 2.7.3. JFrog
Presence of port 10082 open on chaos-controller-manager (GraphQL server) and accessible from other pods. JFrog+1

Behavioral / GraphQL Mutations

GraphQL requests to /query endpoint without authentication.
Mutation calls: killProcesses, cleanTcs, cleanIptables, or other mutation invocations with passed device or pod parameters.

Commands / Process actions

Execution of iptables, tc or other system commands via Chaos Mesh.
New creation of pods or jobs that copy files from /proc/<PID>/root/var/run/secrets/... (serviceaccount token paths) to accessible directories.

Logs

Audit logs or Kubernetes API server logs showing CrashLoop or abnormal pod shutdowns.
Chaos Mesh controller manager logs containing unauthenticated GraphQL calls.

Detection Rule Samples

Here are sample detection rules for SIEM/EDR:

Sigma-style rule for discovering GraphQL mutation calls without auth:

title: Chaos Mesh GraphQL Mutation without Authentication
id: cdb1-chaotic-deputy-unauth-mutation
status: experimental
description: Detects GraphQL mutation request to Chaos Controller Manager from pods without proper RBAC or auth
logsource:
  product: http
  service: web
detection:
  selection:
    url_path: "/query"
    http_method: POST
    request_body|contains:
      - "mutation killProcesses"
      - "mutation cleanTcs"
      - "mutation cleanIptables"
  condition: selection
level: critical
tags:
  - attack.command_injection
  - attack.rce
  - cloud.k8s

Kubernetes audit / network policy rule:

Monitor ingress from pods (not in chaos-mesh namespace) to Controller Manager port 10082.
Alert when any pod outside expected list connects to GraphQL debug interface.

Mitigation & Emergency Fixes

If you’re running Chaos Mesh, here are immediate remediation steps:

Upgrade to version 2.7.3 immediately. This is the official fixed version. JFrog+1
If you cannot upgrade right now, disable the GraphQL control server / disable chaosctl / disable enableCtrlServer via the Helm chart. Set enableCtrlServer=false. JFrog+1
Restrict network access to the Controller Manager: use NetworkPolicies to limit access to only trusted namespaces or pods.
Limit exposure: bind the GraphQL endpoint only to localhost or internal trusted IPs.
Audit and rotate service account tokens if you suspect compromise due to prior exposure.

Long-Term Defense & Best Practices

Regularly scan your Kubernetes components (including chaos-engineering tools) for CVEs. Tools like K8s vulnerability scanners / CNAPP / CISA / cloud vendor advisories.
Apply least privilege for pods using Chaos Mesh; ensure that pods do not carry unnecessary permissions or wide RBAC roles.
Use Mutating Admission Webhooks to enforce security policies and block unsafe configurations.
Log and monitor GraphQL usage, even when disabled; ensure that audit logs include origin pod info for requests.
Apply network segmentation: separate namespaces, restrict inter-namespace traffic, apply pod security policies or equivalent.

CyberDudeBivash Recommendations

Immediately review all clusters using Chaos Mesh; create an inventory of versions, exposure status.
Run exploit simulations (in safe test clusters) to understand blast radius.
Incorporate Chaotic Deputy CVEs into your IOC feed / signature library.
Provide training for node / cluster admins & DevOps teams about risks of debug endpoints and command injection.

#CyberDudeBivash #ChaosMesh #ChaoticDeputy #KubernetesSecurity #GraphQLFlaw #RemoteCodeExecution #CloudNative #ThreatIntel #DevSecOps #VulnerabilityAnalysis

Conclusion

The Chaotic Deputy vulnerabilities in Chaos Mesh represent a severe risk to Kubernetes environments around the world. Because the entry requirement is only in-cluster network access (which many pods already have), the potential for compromise is high. Organizations must act now — patch, restrict access, and audit.

CyberDudeBivash will continue tracking exploitation activity and publish IOCs, detection rules, and monitoring scripts in our ThreatWire feed. If you want, I can build an IOC pack + Sigma / YARA rules specifically for “Chaotic Deputy” for your security team.

Cyberdudebivash