Ethical Hacking News
A critical vulnerability in Argo CD's repo-server component could allow attackers to run code, potentially leading to full cluster takeover. To protect against this threat, organizations must prioritize network isolation and patching.
Unpatched Argo CD repo-server flaw could allow attackers to take over Kubernetes clusters. A critical flaw in Argo CD's repo-server component allows unauthenticated attackers to run code, potentially leading to a full cluster takeover. The vulnerability exploits the lack of authentication on the internal gRPC service, allowing anyone who can reach it to send a crafted request to run a command. Network isolation is crucial in defending against this vulnerability, with Kubernetes network policies being the primary defense mechanism. Argo CD provides policy files, but Helm users must enable them for them to take effect, as the chart leaves them off by default. A tool called argo-cdown has been built to automate the full attack; it is being held back for now to give defenders time to lock down their network policies.
Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
The world of cybersecurity is often marked by the ebb and flow of vulnerabilities being discovered, patched, and eventually forgotten. However, not all vulnerabilities are created equal, and some can have far-reaching consequences for individuals, organizations, and entire industries. The recent discovery of a critical flaw in Argo CD's repo-server component is a stark reminder of the importance of timely patching, robust security measures, and vigilance in the face of unauthenticated attackers.
Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component's internal network port. Synacktiv, a firm that specializes in identifying vulnerabilities and reporting them to organizations, discovered this bug. The company found that the vulnerability could lead to a full cluster takeover, and no fix or CVE (Common Vulnerabilities and Exposures) number has been assigned to it.
The flaw sits in repo-server, the Argo CD component that reads Git repositories and builds Kubernetes manifests, the files that define what the cluster deploys. Its internal gRPC service has no authentication; anyone who can reach it can send a crafted request to run a command. Synacktiv demonstrated the attack against Argo CD v2.13.3 and reported no patched release; it did not publish a full list of affected versions.
The technique abuses kustomize, a standard tool that Argo CD runs to turn repository files into manifests. Kustomize has a --helm-command option that points to the helm binary it should call. Synacktiv found that an unauthenticated request to the repo-server's GenerateManifest service can set that option to a script instead, pulled from an attacker-controlled Git repository. When kustomize runs, it executes the script rather than helm.
However, "internal" does not mean isolated by default. Argo CD ships Kubernetes network policies that wall the repo-server off from everything except its own components. Synacktiv found the Helm chart, a common way to install Argo CD, leaves those policies off by default with networkPolicy.create set to false. In that setup, an attacker who compromises a single pod in the cluster can reach the repo-server and trigger the bug.
Running code on the repo-server is not the end of it. Synacktiv used that access to read the cluster's Redis password from an environment variable, connect to Argo CD's Redis cache, and poison the stored deployment data. On the next automatic sync, Argo CD deployed an attacker-supplied workload. That step revives CVE-2024-31989, a 2024 flaw Cycode found where Argo CD's Redis had no password, letting any pod in the cluster poison the deployment cache. Argo CD fixed that by adding a Redis password, but the cache itself is still not signed, so stealing the password back reopens the same attack.
In light of this critical vulnerability, it has become imperative for organizations to take immediate action to secure their Kubernetes clusters and prevent an attacker from exploiting this flaw. The defense against this vulnerability relies heavily on network isolation. Turning on Kubernetes network policies so only Argo CD's own components can reach the repo-server and Redis ports is crucial.
Argo CD provides the policy files, but Helm users have to enable them because the chart leaves them off. To check what is active, run kubectl get networkpolicy -A. A healthy install shows one network policy per component, including the repo-server and Redis. If those policies are missing, the repo-server and Redis ports are reachable from the rest of the cluster.
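The check described above, as an added example that is not part of the original article and is not code from Argo CD or Synacktiv: a script that reads the JSON printed by kubectl get networkpolicy -A -o json and reports, for the repo-server and Redis pods, whether a NetworkPolicy selects them and whether that policy limits ingress to Argo CD's own components. It assumes the pods carry the app.kubernetes.io/name label with the values argocd-repo-server and argocd-redis (the upstream manifests use these, but verify them against your install), and the embedded sample document is constructed, not captured from a cluster.

```python
"""Audit NetworkPolicy coverage for Argo CD's repo-server and Redis pods.
Usage: kubectl get networkpolicy -A -o json | python3 np_audit.py
(or: python3 np_audit.py policies.json; with no input it audits SAMPLE_DOC)."""
import json
import sys

NAME_LABEL = "app.kubernetes.io/name"
# Components the article says must only be reachable from Argo CD itself.
# Label values are an assumption about how the pods are labelled.
PROTECTED = ("argocd-repo-server", "argocd-redis")

# Constructed sample output of `kubectl get networkpolicy -A -o json`: the
# repo-server is fenced in, the Redis policy is absent (the Helm default the
# article describes leaves both absent).
SAMPLE_DOC = {"apiVersion": "v1", "kind": "List", "items": [
    {"metadata": {"name": "argocd-repo-server-network-policy", "namespace": "argocd"},
     "spec": {"podSelector": {"matchLabels": {NAME_LABEL: "argocd-repo-server"}},
              "policyTypes": ["Ingress"],
              "ingress": [{"from": [
                  {"podSelector": {"matchLabels": {NAME_LABEL: "argocd-server"}}},
                  {"podSelector": {"matchLabels": {NAME_LABEL: "argocd-application-controller"}}}],
                  "ports": [{"port": 8081, "protocol": "TCP"}]}]}},
    {"metadata": {"name": "argocd-server-network-policy", "namespace": "argocd"},
     "spec": {"podSelector": {"matchLabels": {NAME_LABEL: "argocd-server"}},
              "policyTypes": ["Ingress"],
              "ingress": [{"ports": [{"port": 8080, "protocol": "TCP"}]}]}},
]}


def selects(policy, component):
    """True if the policy's podSelector targets the named component."""
    labels = policy["spec"].get("podSelector", {}).get("matchLabels", {})
    return labels.get(NAME_LABEL) == component


def ingress_sources(policy):
    """("open", None) if any ingress rule admits arbitrary sources, otherwise
    ("restricted", sorted peer component names). Conservative: ipBlock,
    namespace-only and empty pod selectors all count as open."""
    spec = policy["spec"]
    if "Ingress" not in spec.get("policyTypes", ["Ingress"]):
        return "open", None          # policy does not govern ingress at all
    peers = set()
    for rule in spec.get("ingress", []):
        froms = rule.get("from")
        if not froms:                # a rule without `from` allows every source
            return "open", None
        for peer in froms:
            sel = peer.get("podSelector")
            if sel is None or not (sel.get("matchLabels") or sel.get("matchExpressions")):
                return "open", None
            peers.add(sel.get("matchLabels", {}).get(NAME_LABEL, "<unnamed selector>"))
    return "restricted", sorted(peers)


def audit(doc, protected=PROTECTED):
    """Map each protected component to ("missing"|"open"|"restricted", peers)."""
    report = {}
    for component in protected:
        matching = [p for p in doc.get("items", []) if selects(p, component)]
        if not matching:
            report[component] = ("missing", None)
            continue
        # Several policies on one pod are unioned, so one open policy opens the port.
        status, peers = "restricted", set()
        for policy in matching:
            s, p = ingress_sources(policy)
            if s == "open":
                status, peers = "open", None
                break
            peers.update(p)
        report[component] = (status, None if peers is None else sorted(peers))
    return report


def exposed(report):
    """Components whose port is reachable from arbitrary pods in the cluster."""
    return sorted(c for c, (status, _) in report.items() if status != "restricted")


def main():
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            doc = json.load(fh)
    elif not sys.stdin.isatty():
        doc = json.load(sys.stdin)
    else:
        doc = SAMPLE_DOC
    report = audit(doc)
    for component, (status, peers) in report.items():
        detail = f"ingress from {', '.join(peers)}" if peers else ""
        print(f"{component:28s} {status:10s} {detail}")
    sys.exit(1 if exposed(report) else 0)


if __name__ == "__main__":
    main()
```

Run against the sample, the script reports the repo-server as restricted to argocd-server and argocd-application-controller and Redis as missing, and exits non-zero; on a real cluster a non-zero exit is the signal to set networkPolicy.create to true in the Helm values (or apply the upstream policy manifests) before anything else. The check is deliberately conservative: a policy that selects the pod but admits an ipBlock, a whole namespace, or a rule with no from clause is reported as open, since any of those lets an arbitrary compromised pod reach the port the article describes.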
Synacktiv has built a tool called argo-cdown that automates the full attack. It is holding the tool back for now to give defenders time to lock down their network policies, and says it will publish it on GitHub later so administrators can test their own deployments.
This vulnerability highlights the importance of vigilance in cybersecurity. It also underscores the need for organizations to prioritize security updates and patches over other considerations. The recent discovery of this flaw serves as a stark reminder that unauthenticated attackers could take advantage of an unpatched Argo CD vulnerability to gain access to sensitive data, disrupt operations, or even compromise entire systems.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Critical-Vulnerability-Exposed-in-Argo-CD-A-Cautionary-Tale-of-Unpatched-Flaws-and-Unauthenticated-Attackers-ehn.shtml
https://thehackernews.com/2026/07/unpatched-argo-cd-repo-server-flaw.html
Published: Wed Jul 1 18:29:12 2026 by llama3.2 3B Q4_K_M