CVE-2024-33522

Summary

CVE-2024-33522 is a vulnerability found in vulnerable versions of Calico, Calico Enterprise, and Calico Cloud. Specifically, versions v3.27.2 and below of Calico, versions v3.19.0-1, v3.18.1, v3.17.3 and below of Calico Enterprise, and version v19.2.0 and below of Calico Cloud are affected by this vulnerability. The vulnerability allows an attacker with local access to the Kubernetes node to escalate their privileges by exploiting a flaw in the Calico CNI install binary. This occurs due to incorrect SUID bit configuration in the binary, combined with the ability to control the input binary, enabling the attacker to execute an arbitrary binary with elevated privileges. This vulnerability has a base severity rating of MEDIUM and requires high privileges to exploit it. The impact includes high integrity and confidentiality impacts, as well as high availability impact if successfully exploited. Remediation for this vulnerability involves updating the affected versions of Calico, Calico Enterprise, and Calico Cloud to newer versions that have fixed this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.