Platform
go
Component
github.com/projectcalico/calico
Fixed in
v3.26.5, v3.27.3 (Calico)
v3.17.4, v3.18.2, v3.19.0-2.0 (Calico Enterprise)
v19.3.0 (Calico Cloud)
CVE-2024-33522 is a local privilege escalation vulnerability in the Calico network security platform. The Calico CNI install binary shipped with an incorrect SUID (set-user-ID) bit configuration, and because the attacker can control the binary it is given as input, a user with local access to a Kubernetes node can execute an arbitrary binary with elevated privileges. Affected releases are open-source Calico 3.x before 3.26.5 and 3.27.0 before 3.27.3, together with the Calico Enterprise and Calico Cloud releases listed under Fixed in above. The fix is in Calico 3.26.5 and 3.27.3.
Successful exploitation gives an attacker who already has local access to a Kubernetes node the ability to run a binary of their choosing with elevated privileges on that node. Because Calico's data-plane components run on every node, that foothold puts the node's policy enforcement, its traffic and every workload scheduled there within reach; modified policies or intercepted traffic are consequences of owning the node, not of a bypass in the policy engine itself. The attack is local: it requires existing code execution on the node and is not reachable over the network through the Calico API. What the attacker can do afterwards depends on what else the node is trusted with, which in a typical cluster is a great deal, so the blast radius can span many workloads and services.
CVE-2024-33522 was publicly disclosed on June 10, 2024. No public proof-of-concept (PoC) has been released and the exploitation context remains unclear. The vulnerability is not listed in the CISA KEV catalog. Organizations should still prioritize remediation, since an unprivileged foothold on a node becomes full control of that node.
Exploit Status
EPSS: 0.05% (17th percentile)
The primary mitigation is to upgrade: Calico 3.26.x to 3.26.5 or later, Calico 3.27.x to 3.27.3 or later, and Calico Enterprise or Calico Cloud to the fixed releases listed above. Review the release notes for breaking changes and test the upgrade in a non-production environment first. If an immediate upgrade is not feasible, keep in mind that the flaw is a setuid bit on a binary installed on the node, so the useful interim controls are node-side: limit who can obtain a shell or schedule privileged workloads on nodes, and check the mode bits of the CNI install binary on each node (restricting the Calico API endpoints does not address this bug). Alert on unexpected setuid binaries appearing in the CNI bin directory. After upgrading, confirm that the running calico/node image is a fixed version and that the install binary no longer carries the setuid bit.
Upgrade Calico to version 3.26.5 or later, 3.27.3 or later, 3.17.4 or later, 3.18.2 or later, 3.19.0-2.0 or later, or 19.3.0 or later, as applicable to your Calico, Calico Enterprise or Calico Cloud version. This corrects the incorrect SUID bit configuration on the CNI install binary, preventing the privilege escalation. See the release notes for further details.
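The version and mode-bit checks described above, as an added example written for this page and not code from the Calico project: it classifies an open-source Calico version against the affected ranges and lists setuid files in the CNI bin directory. The /opt/cni/bin path, the calico-system namespace and the container index in the kubectl command are assumptions about a default install; adjust them for your cluster. Calico Enterprise and Calico Cloud use different version lines and are not classified here.

```shell
#!/bin/sh
# Added example for CVE-2024-33522 (not Calico project code). Assumptions:
# the open-source Calico version is read from the calico/node image tag, and
# the CNI plugin binaries live in /opt/cni/bin on the node (the common
# default; change it if your CNI bin dir differs).

# Extract the tag from an image reference such as "docker.io/calico/node:v3.27.2".
# Digest-pinned references (image@sha256:...) carry no version and yield "".
image_tag() {
  case $1 in
    *@*) echo "" ;;
    *:*) echo "${1##*:}" ;;
    *)   echo "" ;;
  esac
}

# Return 0 if an open-source Calico version falls in an affected range:
#   3.x before 3.26.5, or 3.27.0 up to and including 3.27.2.
calico_affected() {
  v=${1#v}
  case $v in *.*.*) ;; *) return 1 ;; esac   # need major.minor.patch
  major=${v%%.*}
  rest=${v#*.}
  minor=${rest%%.*}
  patch=${rest#*.}
  patch=${patch%%[!0-9]*}                    # drop any -rc / +build suffix
  for n in "$major" "$minor" "$patch"; do    # refuse anything non-numeric
    case $n in ""|*[!0-9]*) return 1 ;; esac
  done
  [ "$major" -eq 3 ] || return 1
  if [ "$minor" -lt 26 ]; then return 0; fi
  if [ "$minor" -eq 26 ] && [ "$patch" -lt 5 ]; then return 0; fi
  if [ "$minor" -eq 27 ] && [ "$patch" -lt 3 ]; then return 0; fi
  return 1
}

# List regular files under a directory that carry the setuid bit (mode 4000).
# A hit on the CNI install binary is exactly the condition the fix removes.
suid_files() {
  find "$1" -type f -perm -4000 2>/dev/null || :
}

# Usage (run on a node, or with the image ref pulled via kubectl):
#   sh check_calico_suid.sh "$(kubectl -n calico-system get ds calico-node \
#       -o jsonpath='{.spec.template.spec.containers[0].image}')"
if [ $# -eq 1 ]; then
  ver=$(image_tag "$1")
  if [ -z "$ver" ]; then
    echo "could not read a version tag from: $1"
  elif calico_affected "$ver"; then
    echo "calico/node $ver: affected by CVE-2024-33522, upgrade to 3.26.5 / 3.27.3 or later"
  else
    echo "calico/node $ver: not in an affected open-source Calico range"
  fi
  echo "setuid files under /opt/cni/bin (expect none after the fix):"
  suid_files /opt/cni/bin
fi
```

The version check deliberately treats pre-release tags such as v3.27.0-rc1 as their base patch level, and digest-pinned image references as unknown rather than as safe; an unknown version should be resolved from the release manifest, not assumed fixed.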
CVE-2024-33522 is a local privilege escalation vulnerability in Calico 3.x before 3.26.5 and 3.27.0 before 3.27.3 (and in the Calico Enterprise and Calico Cloud releases listed above): an incorrect SUID bit configuration on the CNI install binary lets an attacker with local access to a Kubernetes node execute an arbitrary binary with elevated privileges.
You are affected if you run open-source Calico 3.x before 3.26.5 or 3.27.0 before 3.27.3, Calico Enterprise below 3.17.4, 3.18.2 or 3.19.0-2.0 in the respective release line, or Calico Cloud below 19.3.0. Check the version your cluster runs (for example the calico/node image tag) and upgrade accordingly.
Upgrade to Calico 3.26.5 or later, or 3.27.3 or later, or to the corresponding fixed Calico Enterprise or Calico Cloud release. Review the release notes for any breaking changes before upgrading and test in a non-production environment first.
Currently, there are no confirmed reports of active exploitation, but the vulnerability's potential impact warrants immediate remediation.
Refer to the official Calico security advisory for detailed information and updates: https://www.projectcalico.org/security/advisories/