
[2026.04.09] Dangers Behind Access Control: Understanding and Exploiting Implicit Permissions in Kubernetes

(@huko)
Posts: 24
Member
Topic starter
 

Abstract:

As the de-facto standard for container orchestration, Kubernetes is extensively adopted by numerous companies and cloud vendors, making its security critical. In this paper, we define a new attack surface called implicit permission: The execution of explicitly granted permissions in Kubernetes dynamically leads to implicit operations on other resources, enabling new permissions beyond the explicitly granted ones. Such implicit permissions create security vulnerabilities that attackers can exploit to compromise an entire cluster. Automatically identifying implicit permissions is challenging due to implicit relation reasoning and dynamic behaviors across diverse components of Kubernetes. To address that, we devise a systematic approach that combines static analysis techniques with the advanced capabilities of the large language model (LLM, e.g., GPT-4.5). Initially, we develop a static analysis to identify all Kubernetes resources. Building on this, we use static analysis to identify all explicit permissions for each resource. Finally, by combining the semantic reasoning capabilities of LLMs with the pattern-based precision of static analysis, we reason about what explicit permissions may dynamically lead to implicit permissions through complex interactions and uncover 593 implicit permissions derived from explicit permissions. We use the implicit permission references as insights to identify potential risks of CNCF projects and applications provided by the top four cloud vendors. With responsible disclosure, we obtain five new CVEs, six acknowledgments of cloud vendors, and a bounty awarded by Google. These acknowledgments underlie the practical impact of our attack.
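As an added illustration of the attack surface the abstract describes (this is example code, not the paper's analysis tool or its 593 references), the following Python audit helper expands the explicit verbs in a Role's PolicyRules into the implicit capabilities a defender should treat as granted as well. The `IMPLICIT` table and the sample CronJob-only role are assumptions constructed for this example from documented Kubernetes behaviour (a pod spec can mount any secret or configmap in its namespace and run as any serviceaccount there; workload controllers create pods from the template the grantee writes; list and watch return full objects).

```python
"""Expand explicit Kubernetes RBAC grants into the implicit capabilities they carry.

Added example for RBAC review; the IMPLICIT table is an illustrative assumption
built from documented Kubernetes behaviour, not a complete reference."""

# (apiGroup, resource, verb) -> capabilities obtained without an explicit grant.
#  - creating a pod lets the caller mount any secret/configmap in the namespace and
#    use any serviceaccount there (treated here as equivalent to serviceaccounts/token create);
#  - workload controllers create pods from a template the grantee controls;
#  - list/watch return the full object, so they expose the same data as get.
IMPLICIT = {
    ("", "pods", "create"): {
        ("", "secrets", "get"),
        ("", "configmaps", "get"),
        ("", "serviceaccounts/token", "create"),
    },
    ("apps", "deployments", "create"): {("", "pods", "create")},
    ("apps", "deployments", "patch"): {("", "pods", "create")},
    ("apps", "daemonsets", "create"): {("", "pods", "create")},
    ("apps", "statefulsets", "create"): {("", "pods", "create")},
    ("batch", "jobs", "create"): {("", "pods", "create")},
    ("batch", "cronjobs", "create"): {("batch", "jobs", "create")},
    ("", "secrets", "list"): {("", "secrets", "get")},
    ("", "secrets", "watch"): {("", "secrets", "get")},
}


def explicit_grants(rules):
    """Flatten PolicyRule dicts (apiGroups/resources/verbs) into (group, resource, verb) triples."""
    grants = set()
    for rule in rules:
        for group in rule.get("apiGroups", [""]):
            for resource in rule.get("resources", []):
                for verb in rule.get("verbs", []):
                    grants.add((group, resource, verb))
    return grants


def covers(grant, target):
    """True if an explicit grant (possibly containing '*' wildcards) already permits target."""
    return all(g == "*" or g == t for g, t in zip(grant, target))


def implicit_grants(rules):
    """Transitive closure over IMPLICIT starting from the explicit grants.

    Returns only capabilities that no explicit rule already covers, so the
    output is exactly the part of the effective grant the Role does not show."""
    explicit = explicit_grants(rules)
    derived = set()
    worklist = list(explicit)
    while worklist:
        grant = worklist.pop()
        for key, implied in IMPLICIT.items():
            if not covers(grant, key):
                continue
            for cap in implied:
                if cap in derived or any(covers(e, cap) for e in explicit):
                    continue
                derived.add(cap)
                worklist.append(cap)  # follow chains such as cronjobs -> jobs -> pods -> secrets
    return derived


def report(rules):
    """Sorted human-readable lines, e.g. 'IMPLICIT  core/secrets get'."""
    return [
        f"IMPLICIT  {group or 'core'}/{resource} {verb}"
        for group, resource, verb in sorted(implicit_grants(rules))
    ]


# Constructed sample: a Role whose only explicit permission is creating CronJobs.
CRONJOB_ROLE_RULES = [
    {"apiGroups": ["batch"], "resources": ["cronjobs"], "verbs": ["create"]},
]

if __name__ == "__main__":
    for line in report(CRONJOB_ROLE_RULES):
        print(line)
```

Run against the constructed CronJob-only role, the closure reports implicit `jobs create`, `pods create`, and namespace-wide read of secrets and configmaps plus serviceaccount token use; a wildcard Role reports nothing because every capability is already explicit, which is the check a reviewer wants before approving a binding.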


This topic was modified 3 weeks ago, 2 times, by 고형욱.
 
Posted: April 9, 2026, 1:52 PM