Joestringer

#37435 of 53,633
7.5 Total CVSS
Vulnerabilities · 1
PT-2022-19433
7.5
2022-05-20
Cilium · Cilium · CVE-2022-29179
**Name of the Vulnerable Software and Affected Versions**

- Cilium versions prior to 1.9.16
- Cilium versions prior to 1.10.11
- Cilium versions prior to 1.11.5

**Description**

Cilium is open source software for providing and securing network connectivity and load balancing between application workloads. If an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium's Kubernetes service account. The attacker can leverage Cilium's Kubernetes service account to gain access to cluster privileges that are more permissive than what is minimally required to operate Cilium, including modifying and deleting `Pod` and `Node` resources.

**Recommendations**

- For versions prior to 1.9.16, update to version 1.9.16 or later.
- For versions prior to 1.10.11, update to version 1.10.11 or later.
- For versions prior to 1.11.5, update to version 1.11.5 or later.

As a temporary workaround, consider restricting access to Cilium's Kubernetes service account until a patch is applied.