PT-2025-48349 · Cilium · Cilium

Published: 2025-11-29 · Updated: 2026-05-18 · CVE-2025-64715

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Cilium versions prior to 1.16.17
Cilium versions prior to 1.17.10
Cilium versions prior to 1.18.4

Description
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. CiliumNetworkPolicies that use egress.toGroups.aws.securityGroupsIds and reference non-existent or unattached AWS security group IDs may unintentionally permit wider outbound access than intended. Specifically, the toCIDRSet section of the resulting (derived) policy is not generated, potentially allowing traffic to more destinations than originally configured.

Recommendations
Update to Cilium version 1.16.17 or later.
Update to Cilium version 1.17.10 or later.
Update to Cilium version 1.18.4 or later.
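One defender-side check for the condition described above, as an added example that is not Cilium's own code: given a parent CiliumNetworkPolicy that uses toGroups and the derivative policy generated from it, it reports the egress rules whose derivative counterpart carries no toCIDRSet. The policy objects are constructed samples, and the assumption that derivative egress rules appear in the same order as the parent's is mine.

```python
"""Flag toGroups egress rules whose derived policy lacks toCIDRSet.

Added example, not Cilium project code. Assumption: the derivative
policy mirrors the parent's egress rules in order, with toGroups
replaced by toCIDRSet. All policy objects below are constructed.
"""
from typing import Any

PORT_443 = [{"ports": [{"port": "443", "protocol": "TCP"}]}]

# Constructed parent policy that depends on AWS security group resolution.
PARENT: dict[str, Any] = {
    "metadata": {"name": "allow-to-sg"},
    "spec": {"egress": [
        {"toGroups": [{"aws": {"securityGroupsIds": ["sg-PLACEHOLDER"]}}],
         "toPorts": PORT_443},
        {"toEntities": ["kube-apiserver"]},
    ]},
}
# Constructed derivative for the vulnerable case: the group resolved to
# nothing, so the rule is emitted with no L3 destination selector at all.
DERIVATIVE_BAD: dict[str, Any] = {"spec": {"egress": [
    {"toPorts": PORT_443},
    {"toEntities": ["kube-apiserver"]},
]}}
# Constructed derivative for the healthy case: toCIDRSet was generated.
DERIVATIVE_OK: dict[str, Any] = {"spec": {"egress": [
    {"toCIDRSet": [{"cidr": "10.0.1.10/32"}], "toPorts": PORT_443},
    {"toEntities": ["kube-apiserver"]},
]}}


def missing_cidrsets(parent: dict[str, Any], derivative: dict[str, Any]) -> list[int]:
    """Indices of parent egress rules that used toGroups but whose derivative
    counterpart has no (or an empty) toCIDRSet; a missing rule also counts."""
    parent_rules = parent.get("spec", {}).get("egress") or []
    derived_rules = derivative.get("spec", {}).get("egress") or []
    flagged: list[int] = []
    for i, rule in enumerate(parent_rules):
        if not rule.get("toGroups"):
            continue  # this rule never depended on group resolution
        derived = derived_rules[i] if i < len(derived_rules) else {}
        if not derived.get("toCIDRSet"):
            flagged.append(i)
    return flagged
```

A non-empty result means the derived policy is not narrowing egress to the security group's addresses; on a live cluster the same check can be run against the parent and its derivative objects fetched from the API server.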


Weakness Enumeration
Improper Access Control

Related Identifiers

BIT-CILIUM-2025-64715
BIT-CILIUM-OPERATOR-2025-64715
BIT-HUBBLE-RELAY-2025-64715
CLEANSTART-2026-NB78893
CLEANSTART-2026-QA19540
CLEANSTART-2026-SQ24713
CLEANSTART-2026-VU90450
CVE-2025-64715
GHSA-38PP-6GCP-RQVM
GO-2025-4167
SUSE-SU-2026:0037-1

Affected Products

Cilium