Rancher Manager – Privilege Escalation via Pod Security Admission (PSA) Label Modification (CVE-2026-41052) – Critical -DC-Jul2026-796

How CVE-2026-41052 Works

CVE-2026-41052 is a privilege escalation vulnerability in Rancher Manager that stems from an overly permissive default role definition. The built-in `project-owner` role is configured with a wildcard (`*`) verb on the `projects` resource, which inadvertently grants the `updatepsa` verb. This verb allows a user to modify Pod Security Admission (PSA) labels on namespaces within their assigned projects.
The attack path unfolds as follows: an attacker must first obtain Cluster Member access, which is a relatively low-privileged role in Rancher. From there, the attacker either creates a new project or is assigned ownership of an existing one—granting them the Project Owner role. Within that project, the attacker creates a namespace and then modifies its PSA configuration to use the `privileged` profile.
Kubernetes Pod Security Standards define three profiles: `privileged`, `baseline`, and `restricted`. The `privileged` profile disables core security controls, allowing containers to run with host-level access, bypass standard isolation boundaries, and potentially break out of their containers. By switching a namespace to this profile, the attacker can deploy privileged workloads that have unrestricted access to the host node, including the ability to mount host filesystems, access sensitive host resources, and escalate privileges to the cluster administrator level.
The root cause is the wildcard verb in the `project-owner` role definition. Rather than explicitly listing the allowed verbs (`get`, `update`, `delete`, `patch`, `create`, `list`, `watch`, `deletecollection`), the role uses `*`, which implicitly includes the dangerous `updatepsa` verb. This design flaw allows Project Owners to bypass any restricted PSA policy enforced at the cluster level, turning a tenant-level user into a potential host-level threat.
The vulnerability affects all Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10. The CVSS v4 score is 9.4 (Critical), reflecting the severe impact on confidentiality, integrity, and availability.

DailyCVE Form

Platform: Rancher Manager
Version: < 2.14.2, < 2.13.6, < 2.12.10
Vulnerability: Improper Privilege Handling (CWE-305)
Severity: Critical (CVSS 4.0: 9.4)
Date: 2026-05-27

Prediction: 2026-06-15 (expected patch date)

What Undercode Say

# Check current Rancher version
kubectl get deployment rancher -n cattle-system -o jsonpath='{.spec.template.spec.containers[0].image}'
# List users with Project Owner role
kubectl get clusterrolebinding -o json | jq '.items[] | select(.roleRef.name=="project-owner") | .subjects'
# Verify project-owner role permissions (pre-patch)
kubectl get clusterrole project-owner -o yaml | grep -A 10 "rules:"
# Check PSA labels on a namespace
kubectl get namespace <namespace> -o yaml | grep pod-security
# Simulate the attack: attempt to set privileged PSA label
kubectl label namespace <namespace> pod-security.kubernetes.io/enforce=privileged --overwrite

Code Snippet (Go – Rancher Role Definition Before Patch):

// Vulnerable role definition (simplified)
// Imports assumed: rbacv1 "k8s.io/api/rbac/v1", metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
var projectOwnerRole = &rbacv1.ClusterRole{
	ObjectMeta: metav1.ObjectMeta{
		Name: "project-owner",
	},
	Rules: []rbacv1.PolicyRule{
		{
			APIGroups: []string{"management.cattle.io"},
			Resources: []string{"projects"},
			Verbs:     []string{"*"}, // Wildcard: implicitly grants the updatepsa verb
		},
	},
}

Code Snippet (Go – Patched Role Definition):

// Patched role definition (explicit verbs, updatepsa removed)
// Imports assumed: rbacv1 "k8s.io/api/rbac/v1", metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
var projectOwnerRole = &rbacv1.ClusterRole{
	ObjectMeta: metav1.ObjectMeta{
		Name: "project-owner",
	},
	Rules: []rbacv1.PolicyRule{
		{
			APIGroups: []string{"management.cattle.io"},
			Resources: []string{"projects"},
			Verbs:     []string{"get", "update", "delete", "patch", "create", "list", "watch", "deletecollection"},
		},
	},
}
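The difference between the two definitions above is a single verb entry, and the `grep -A 10 "rules:"` check earlier in the post leaves the reader to spot it by eye. The following audit routine is an added example, not Rancher code: it reads a ClusterRole as JSON (the shape `kubectl get clusterrole project-owner -o json` prints), applies RBAC wildcard semantics to the API group, resource and verb lists, and flags every rule that would grant `updatepsa` on `projects`, whether via `*` or an explicit listing. The local `PolicyRule`/`ClusterRole` types, the function names and the two sample role documents are all constructed for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// PolicyRule mirrors the fields of an rbac.authorization.k8s.io/v1 PolicyRule
// that this audit needs; a local type keeps the example free of k8s modules.
type PolicyRule struct {
	APIGroups []string `json:"apiGroups"`
	Resources []string `json:"resources"`
	Verbs     []string `json:"verbs"`
}

// ClusterRole is the subset of a ClusterRole object read by the audit.
type ClusterRole struct {
	Metadata struct {
		Name string `json:"name"`
	} `json:"metadata"`
	Rules []PolicyRule `json:"rules"`
}

// Finding identifies one rule that grants updatepsa on projects.
type Finding struct {
	Role   string
	Rule   int // index into .rules
	Reason string
}

// matches reports whether a list covers want, treating "*" the way RBAC does.
func matches(list []string, want string) bool {
	for _, s := range list {
		if s == "*" || s == want {
			return true
		}
	}
	return false
}

// GrantsUpdatePSA reports whether a rule lets the subject change PSA labels:
// it must cover projects in management.cattle.io and include updatepsa either
// explicitly or through the "*" verb that the vulnerable role uses.
func GrantsUpdatePSA(r PolicyRule) (bool, string) {
	if !matches(r.APIGroups, "management.cattle.io") || !matches(r.Resources, "projects") {
		return false, ""
	}
	for _, v := range r.Verbs {
		switch v {
		case "*":
			return true, "wildcard verb implicitly grants updatepsa"
		case "updatepsa":
			return true, "updatepsa listed explicitly"
		}
	}
	return false, ""
}

// AuditClusterRole parses a ClusterRole JSON document and returns every rule
// that would let a holder of the role relax namespace PSA labels.
func AuditClusterRole(doc []byte) ([]Finding, error) {
	var role ClusterRole
	if err := json.Unmarshal(doc, &role); err != nil {
		return nil, fmt.Errorf("parse clusterrole: %w", err)
	}
	var findings []Finding
	for i, rule := range role.Rules {
		if ok, why := GrantsUpdatePSA(rule); ok {
			findings = append(findings, Finding{Role: role.Metadata.Name, Rule: i, Reason: why})
		}
	}
	return findings, nil
}

// Constructed samples (not exported from a real Rancher install): the wildcard
// role described in the advisory and the patched role with explicit verbs.
const vulnerableRole = `{"metadata":{"name":"project-owner"},"rules":[{"apiGroups":["management.cattle.io"],"resources":["projects"],"verbs":["*"]}]}`

const patchedRole = `{"metadata":{"name":"project-owner"},"rules":[{"apiGroups":["management.cattle.io"],"resources":["projects"],"verbs":["get","update","delete","patch","create","list","watch","deletecollection"]}]}`

func main() {
	for _, doc := range []string{vulnerableRole, patchedRole} {
		findings, err := AuditClusterRole([]byte(doc))
		if err != nil {
			panic(err)
		}
		if len(findings) == 0 {
			fmt.Println("OK: no rule grants updatepsa on projects")
		}
		for _, f := range findings {
			fmt.Printf("RISK: %s rule[%d]: %s\n", f.Role, f.Rule, f.Reason)
		}
	}
}
```

In practice the document passed to `AuditClusterRole` would be the output of `kubectl get clusterrole project-owner -o json`; the same routine applies to any custom role cloned from `project-owner`, which is where a wildcard or a stray `updatepsa` is easy to carry over unnoticed.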

Exploit

To exploit this vulnerability, an attacker must:

  1. Obtain Cluster Member Access: Gain authentication as a user with the `cluster-member` role in the Rancher cluster.
  2. Acquire Project Ownership: Either create a new project or be assigned the `project-owner` role on an existing project.
  3. Create a Namespace: Within the owned project, create a new Kubernetes namespace.
  4. Modify PSA Labels: Using the `updatepsa` verb, apply the `privileged` profile label to the namespace:
    kubectl label namespace <namespace> pod-security.kubernetes.io/enforce=privileged --overwrite
    
  5. Deploy Privileged Workload: Deploy a container with `securityContext.privileged: true` or a pod that mounts host paths, enabling host-level access.
  6. Escalate Privileges: Use the privileged container to access host resources, read secrets, or break out to the underlying node, effectively gaining cluster administrator privileges.

Protection

  • Upgrade Immediately: Apply the patches by upgrading to Rancher v2.14.2, v2.13.6, or v2.12.10 or later.
  • Custom Role Restriction: If upgrading is not immediately possible, create a custom project role based on `project-owner` but explicitly restrict verbs to `get`, `update`, `delete`, `patch`, `create`, `list`, `watch`, `deletecollection`, excluding `*` and `updatepsa`.
  • Audit Existing Roles: Review all current `project-owner` assignments and remove unnecessary grants. Use the following command to identify users with this role:
    kubectl get clusterrolebinding -o json | jq '.items[] | select(.roleRef.name=="project-owner") | .subjects'
    
  • Enforce PSA at Cluster Level: Apply a `restricted` or `baseline` Pod Security Standard at the cluster level through a `PodSecurity` admission configuration or a validating webhook, so that namespace-level labels cannot relax the cluster-wide profile.
  • Monitor for Anomalies: Set up alerts for any namespace PSA label changes, especially to `privileged`, and monitor for privileged container deployments.
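The monitoring item above is the control that catches this path whether or not the role has been fixed, so here is a concrete detector. It is an added example, not part of the advisory or of Rancher: it assumes the label change is visible in the downstream cluster's Kubernetes API audit log, with the audit policy logging `namespaces` at the `RequestResponse` level so the resulting object is present in `responseObject`. It scans newline-delimited `audit.k8s.io/v1` events and raises an alert for every completed `create`/`update`/`patch` on a namespace whose resulting labels set any PSA mode (`enforce`, `audit`, `warn`) to `privileged`. The event type, function names and the three sample log lines are constructed for the example.

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"strings"
)

// auditEvent holds the subset of an audit.k8s.io/v1 Event this detector reads.
// responseObject is only populated when the audit policy logs namespaces at
// level RequestResponse (assumption of this example).
type auditEvent struct {
	Stage string `json:"stage"`
	Verb  string `json:"verb"`
	User  struct {
		Username string `json:"username"`
	} `json:"user"`
	ObjectRef struct {
		Resource string `json:"resource"`
		Name     string `json:"name"`
	} `json:"objectRef"`
	ResponseObject struct {
		Metadata struct {
			Labels map[string]string `json:"labels"`
		} `json:"metadata"`
	} `json:"responseObject"`
}

// Alert records one namespace write that left a PSA mode at privileged.
type Alert struct {
	User      string
	Namespace string
	Label     string
}

// psaLabels are the Pod Security Admission label keys. Only enforce relaxes
// admission, but audit/warn are reported too: loosening them is a common
// first step before the enforce label is changed.
var psaLabels = []string{
	"pod-security.kubernetes.io/enforce",
	"pod-security.kubernetes.io/audit",
	"pod-security.kubernetes.io/warn",
}

// DetectPrivilegedPSA scans newline-delimited audit events and returns an
// alert for every completed write to a namespace whose resulting labels put
// any PSA mode at privileged. Reads and other resources are ignored.
func DetectPrivilegedPSA(log string) ([]Alert, error) {
	var alerts []Alert
	sc := bufio.NewScanner(strings.NewReader(log))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" {
			continue
		}
		var ev auditEvent
		if err := json.Unmarshal([]byte(line), &ev); err != nil {
			return nil, fmt.Errorf("parse audit event: %w", err)
		}
		if ev.Stage != "ResponseComplete" || ev.ObjectRef.Resource != "namespaces" {
			continue
		}
		switch ev.Verb {
		case "create", "update", "patch":
		default:
			continue
		}
		for _, key := range psaLabels {
			if ev.ResponseObject.Metadata.Labels[key] == "privileged" {
				alerts = append(alerts, Alert{User: ev.User.Username, Namespace: ev.ObjectRef.Name, Label: key})
			}
		}
	}
	return alerts, sc.Err()
}

// Constructed sample audit lines (not real logs): a benign tightening to
// restricted, a read of an already-privileged namespace that must be ignored,
// and a patch that sets enforce=privileged, which must alert.
const sampleAuditLog = `
{"stage":"ResponseComplete","verb":"patch","user":{"username":"alice"},"objectRef":{"resource":"namespaces","name":"team-a"},"responseObject":{"metadata":{"labels":{"pod-security.kubernetes.io/enforce":"restricted"}}}}
{"stage":"ResponseComplete","verb":"get","user":{"username":"bob"},"objectRef":{"resource":"namespaces","name":"team-b"},"responseObject":{"metadata":{"labels":{"pod-security.kubernetes.io/enforce":"privileged"}}}}
{"stage":"ResponseComplete","verb":"patch","user":{"username":"mallory"},"objectRef":{"resource":"namespaces","name":"team-b"},"responseObject":{"metadata":{"labels":{"pod-security.kubernetes.io/enforce":"privileged"}}}}
`

func main() {
	alerts, err := DetectPrivilegedPSA(sampleAuditLog)
	if err != nil {
		panic(err)
	}
	for _, a := range alerts {
		fmt.Printf("ALERT user=%s namespace=%s %s=privileged\n", a.User, a.Namespace, a.Label)
	}
}
```

Keying on `responseObject` rather than the request body means the detector reports the state the API server actually committed, so a rejected patch produces no alert and a merge patch that only touched one label is still caught. Pair each alert with the `project-owner` binding list from the post's `jq` query to see whether the acting user should hold that role at all.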

Impact

Successful exploitation of CVE-2026-41052 allows a Project Owner to escalate privileges to the host level, leading to:
– Deployment of privileged containers that bypass standard Kubernetes security controls.
– Access to host-level resources, including the host filesystem, network interfaces, and device nodes.
– Container breakout, enabling the attacker to escape the container runtime and execute commands directly on the host node.
– Cluster privilege escalation, potentially leading to full cluster compromise and access to all namespaces and secrets.
– Compromise of workloads running on affected nodes, including data exfiltration, lateral movement, and denial of service.
This vulnerability is categorized under MITRE ATT&CK techniques including T1610 (Deploy Container) and T1068 (Privilege Escalation). Given the CVSS v4 score of 9.4 (Critical) and the potential for host-level compromise, this issue poses a severe risk to any Rancher-managed Kubernetes environment.

Sources:

Reported By: github.com