CVE-2026-44543: Local Path Provisioner Configuration Injection Leading to Node Compromise
A flaw in Rancher's Local Path Provisioner allows users with permission to modify a specific Kubernetes configuration file to inject malicious settings into helper pods. These pods run with elevated privileges and can access sensitive host files, other applications' data, and credentials stored on the node. The vulnerability requires the attacker to have legitimate access to edit the configuration—they cannot exploit it remotely or without credentials. The issue is resolved in version 0.0.36.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 8.7 HIGH · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
- Weaknesses (CWE)
- CWE-269
- Affected products
- 1 configuration(s)
- Published / Modified
- 2026-05-28 / 2026-06-17
NVD description (verbatim)
Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by rancher/local-path-provisioner. The helperPod.yaml template is loaded by the provisioner and used to create HelperPods during PVC provisioning and cleanup operations. However, the template is not sufficiently validated before use. Security-sensitive fields such as securityContext.privileged, hostPath volumes, and Linux capabilities can be injected into the template. When a PVC operation triggers HelperPod creation, the provisioner creates the HelperPod using the attacker-controlled template. This can result in a privileged pod running on the target node with the host root filesystem mounted. This may allow the attacker to access sensitive host files, read ServiceAccount tokens from other pods on the same node, access other tenants' local-path volume data, or modify files on the host node. This vulnerability is fixed in 0.0.36.
1 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-44543 is an improper validation vulnerability in Local Path Provisioner versions prior to 0.0.36. The provisioner loads the helperPod.yaml template from a ConfigMap in the local-path-storage namespace without adequate sanitization. An authenticated user with ConfigMap edit permissions can inject security-sensitive fields including securityContext.privileged, hostPath volume mounts, and Linux capabilities into the template. When PVC provisioning or cleanup operations trigger HelperPod instantiation, the provisioner deploys the attacker-controlled pod definition. The resulting pod runs with root access and host root filesystem visibility, enabling lateral movement and data exfiltration on the node.
Business impact
This vulnerability enables privilege escalation and multi-tenant data breach within Kubernetes clusters running vulnerable Local Path Provisioner versions. A malicious or compromised user account with ConfigMap permissions can persistently compromise node security, access other teams' persistent volumes, steal service account tokens for further cluster compromise, and modify host files to establish persistence. In shared or multi-tenant clusters, the risk is amplified: a single compromised developer account with appropriate RBAC permissions could expose the entire node's data and allow lateral movement to other workloads. Organizations relying on role-based access control and namespace isolation for security may find those controls bypassed.
Affected systems
SUSE Local Path Provisioner versions before 0.0.36 are affected. This provisioner is commonly deployed in Kubernetes clusters—particularly in on-premises and edge deployments—to manage local storage. Exposure depends on cluster configuration: only clusters where untrusted or insufficiently-monitored users have been granted ConfigMap edit rights in the local-path-storage namespace are at direct risk. Air-gapped or highly restricted environments may have lower exposure if RBAC policies are enforced strictly.
Exploitability
Exploitation requires legitimate authentication and RBAC permissions to edit ConfigMaps in the local-path-storage namespace. No network-based or unauthenticated exploitation path exists. However, the bar for in-cluster exploitation is low once permissions are granted: an attacker need only update a ConfigMap and then trigger a PVC operation (e.g., by creating or deleting a PersistentVolumeClaim). The attack surface widens in clusters with overly permissive RBAC policies or where service accounts are granted broad ConfigMap edit permissions. The CVSS score of 8.7 (HIGH) reflects the severity of impact once access is gained, balanced against the authentication requirement.
Remediation
Update Local Path Provisioner to version 0.0.36 or later. This version includes proper validation of the helperPod.yaml template and restricts injection of privileged fields. After patching, audit and tighten RBAC policies to limit ConfigMap edit permissions in the local-path-storage namespace to trusted administrators only. Consider using network policies and pod security policies to restrict helper pod execution contexts as a defense-in-depth measure.
Patch guidance
Verify your current Local Path Provisioner version via your Kubernetes cluster (typically visible in the provisioner deployment manifest or helm chart values). Consult SUSE's official security advisory for the exact patch delivery mechanism—this may involve a helm chart update, container image pull, or direct deployment reconfiguration depending on your installation method. Test the patch in a non-production environment first to ensure no disruption to existing PVC operations. After upgrade, confirm that the ConfigMap validation is in place by attempting to inject invalid security settings (in a lab environment) and verifying that the provisioner rejects them.
Detection guidance
Monitor audit logs for ConfigMap modifications in the local-path-storage namespace, especially changes to keys containing 'helperPod' or 'yaml'. Alert on any ConfigMap edit by unexpected users or service accounts. In running clusters, inspect active HelperPod definitions for suspicious security context settings, host path mounts, or elevated capabilities that were not present in baseline configurations. Check if any pods spawned by the provisioner are running with securityContext.privileged=true or have hostPath volumes mounted—these are strong indicators of compromise.
Why prioritize this
Although this vulnerability requires authenticated access with specific RBAC permissions, its impact is severe: node compromise, multi-tenant data exfiltration, and lateral movement into the broader cluster. In shared or multi-tenant Kubernetes environments, or clusters with delegated namespace management, the risk is elevated. Patch urgency is high for any cluster where non-administrative users have ConfigMap edit permissions, even if they are nominally 'trusted.' Organizations should prioritize patching if Local Path Provisioner is used in production storage infrastructure.
Risk score, explained
The CVSS 3.1 score of 8.7 (HIGH) reflects high impact (confidentiality, integrity, and scope change) weighted against high privileges required (PR:H). The attack vector is listed as network (AV:N) because the attacker exploits the Kubernetes API remotely, even though they must be authenticated. The low complexity (AC:L) reflects that ConfigMap modification is a straightforward operation once credentials are obtained. The lack of user interaction and cluster-wide scope (S:C) drive the severity toward the high range. This score appropriately emphasizes that while initial compromise requires credentials, the resulting node-level privilege escalation and data access are severe.
Frequently asked questions
Can this vulnerability be exploited without Kubernetes cluster access?
No. The attacker must be authenticated to the Kubernetes API and have RBAC permissions to edit ConfigMaps in the local-path-storage namespace. There is no remote unauthenticated exploitation path. Compromise typically requires either stolen credentials, a supply-chain attack on a trusted user, or misconfigured RBAC policies.
Does patching require cluster downtime?
Patching Local Path Provisioner typically does not require cluster downtime if you use a rolling update strategy for the provisioner deployment. However, verify your specific deployment method and test in a staging environment first. During the update, existing PVCs should continue to function; only newly-triggered provisioning operations will use the patched code.
How do we know if we're running the vulnerable version?
Check the image tag or version of the local-path-provisioner deployment in your cluster (usually in the kube-system or local-path-storage namespace). Use 'kubectl get deployment -n local-path-storage' and inspect the container image. If the version is earlier than 0.0.36, you are vulnerable and should update immediately.
What if we can't update immediately due to stability concerns?
As an interim measure, enforce strict RBAC policies to restrict ConfigMap edit permissions in the local-path-storage namespace to a minimal set of trusted administrators. Use network policies to restrict outbound connections from helper pods, and enable pod security policies or admission controllers to prevent privileged pod execution. These controls reduce—but do not eliminate—the risk.
This analysis is based on the vulnerability description and CVSS assessment provided as of the modification date. Organizations should consult SUSE's official security advisory and their vendor's patch release notes for comprehensive guidance, timing, and any platform-specific caveats. Testing in a non-production environment is strongly advised before patching production infrastructure. No exploit code or weaponized proof-of-concept is provided or endorsed. This page does not constitute legal, compliance, or vendor-specific security advice. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-0009HIGHAndroid Tapjacking Local Privilege Escalation Vulnerability
- CVE-2026-0089HIGHAndroid PackageInstallerService Permission Check Bypass – Local Privilege Escalation
- CVE-2026-0091HIGHAndroid Launcher Privilege Escalation Vulnerability (CVSS 7.8)
- CVE-2026-46827HIGHOracle E-Business Suite Payroll Remote Compromise – 8.8 CVSS
- CVE-2026-46837HIGHOracle Flow Manufacturing SQL Injection & Privilege Escalation
- CVE-2026-49189HIGHAcer Connect M6E 5G Broadcast Receiver Permission Bypass (CVSS 7.8)
- CVE-2026-0016LOWAndroid Credential Manager Permission Bypass & Cross-User Data Disclosure
- CVE-2026-0046MEDIUMAndroid Tapjacking Permission Escalation Vulnerability