Kubernetes Privilege Escalation: Excessive Permissions in Popular Platforms

Kubernetes threat actors are growing more sophisticated, and are beginning to target excessive permissions and Role-Based Access Control (RBAC) misconfigurations. To understand the real-world impact of excessive permissions, Prisma Cloud researchers analyzed popular Kubernetes platforms - distributions, managed services, and common add-ons - to identify widespread infrastructure components that run with powerful permissions. In 62.5% of the Kubernetes platforms reviewed, privileged credentials were distributed across every node in the cluster. As a result, in half of the platforms examined, a single container escape was enough to take over the entire cluster.­­

Get your copy of the whitepaper to learn about:­

• Privilege escalation attacks in Kubernetes.
• The real blast radius of container escapes.
• How to evaluate and strengthen your RBAC posture.
• A newly released open-source tool that can identify risky permissions and privilege escalation paths in your clusters.