
CVE-2025-29922: kcp Control Plane Auth Bypass Vulnerability

CVE-2025-29922 is an authorization bypass flaw in kcp, a Kubernetes-like control plane, that allows attackers to create or delete objects in arbitrary workspaces without proper authorization. This post covers technical details, affected versions, impact, and mitigation.

CVE-2025-29922 Overview

CVE-2025-29922 is a critical authorization bypass vulnerability in kcp, a Kubernetes-like control plane designed for form-factors and use-cases beyond traditional Kubernetes and container workloads. This vulnerability allows attackers to create or delete objects via the APIExport VirtualWorkspace in arbitrary target workspaces for pre-existing resources, bypassing the intended access control mechanisms.

Critical Impact

Attackers with low-level privileges can bypass workspace authorization controls to create and delete objects in any arbitrary workspace, even when no APIBinding exists or when permission claims have been explicitly rejected by workspace owners.

Affected Products

  • kcp versions prior to 0.26.3
  • kcp versions prior to 0.27.0

Discovery Timeline

  • 2025-03-20 - CVE-2025-29922 published to NVD
  • 2025-03-20 - Last updated in the NVD database

Technical Details for CVE-2025-29922

Vulnerability Analysis

This vulnerability is classified as CWE-285 (Improper Authorization), representing a fundamental flaw in the access control implementation within kcp's APIExport VirtualWorkspace component. The vulnerability allows unauthorized manipulation of resources across workspace boundaries, violating the principle of least privilege that should govern multi-tenant environments.

By design, the APIExport VirtualWorkspace should only permit cross-workspace operations when workspace owners explicitly grant access to API providers through the creation of an APIBinding. This authorization model ensures that workspace isolation is maintained and that API providers cannot manipulate resources without explicit consent from workspace owners.

The vulnerability undermines this security model entirely, allowing attackers to bypass both the APIBinding requirement and any rejected permission claims, effectively granting them unauthorized access to create and delete objects in any target workspace.

Root Cause

The root cause of this vulnerability lies in the improper authorization checks within the APIExport VirtualWorkspace's binding authorizer component. The authorization logic failed to properly validate whether an APIBinding existed in the target workspace or whether the workspace owner had accepted the necessary permission claims before allowing create and delete operations.

The fix introduced a new binding authorizer in pkg/virtual/apiexport/authorizer/binding.go that properly validates APIBinding presence and permission claim acceptance before authorizing cross-workspace operations.
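As an added illustration of the authorization model the fix restores (this is example code written for this page, not kcp's binding authorizer; the types APIExport, APIBinding, AcceptablePermissionClaim and the Authorize method are simplified hypothetical models of the real objects): a request reaching a target workspace through the APIExport virtual workspace is denied unless that workspace holds an APIBinding to the export and the requested resource is either served by the export itself or covered by a permission claim the workspace owner accepted. Both failure modes the page describes, a missing APIBinding and an explicitly rejected claim, are exercised on constructed sample data.

```go
package main

import "fmt"

// Hypothetical, simplified stand-ins for the kcp objects involved. They are
// illustrative models written for this example, not kcp's real API types.

// GroupResource identifies an API resource, e.g. {"", "configmaps"}.
type GroupResource struct {
	Group    string
	Resource string
}

// APIExportRef identifies an APIExport by its provider workspace and name.
type APIExportRef struct {
	Cluster string // logical cluster of the provider workspace
	Name    string
}

// APIExport serves a set of resources and may ask, via permission claims, for
// access to other pre-existing resources in consuming workspaces.
type APIExport struct {
	Ref       APIExportRef
	Resources []GroupResource // resources the export itself serves
}

// AcceptablePermissionClaim records the workspace owner's decision on a claim.
type AcceptablePermissionClaim struct {
	Claim GroupResource
	State string // "Accepted" or "Rejected"
}

// APIBinding lives in a consuming workspace and binds it to one APIExport.
type APIBinding struct {
	Cluster          string // consuming (target) workspace
	Export           APIExportRef
	PermissionClaims []AcceptablePermissionClaim
}

// Attributes are the request attributes the authorizer needs.
type Attributes struct {
	TargetCluster string
	Verb          string
	Resource      GroupResource
}

// BindingAuthorizer guards requests that reach a target workspace through the
// APIExport virtual workspace of one export.
type BindingAuthorizer struct {
	Export   APIExport
	bindings []APIBinding // constructed in-memory store standing in for a lister
}

// Authorize allows a request only when (1) the target workspace holds an
// APIBinding to this export and (2) the resource is either served by the export
// or covered by a permission claim the workspace owner accepted.
func (a *BindingAuthorizer) Authorize(attr Attributes) (bool, string) {
	var binding *APIBinding
	for i := range a.bindings {
		if a.bindings[i].Cluster == attr.TargetCluster && a.bindings[i].Export == a.Export.Ref {
			binding = &a.bindings[i]
			break
		}
	}
	if binding == nil {
		return false, fmt.Sprintf("no APIBinding to %s/%s in workspace %s", a.Export.Ref.Cluster, a.Export.Ref.Name, attr.TargetCluster)
	}
	for _, r := range a.Export.Resources { // resources the export serves are in scope once bound
		if r == attr.Resource {
			return true, "resource served by bound APIExport"
		}
	}
	for _, pc := range binding.PermissionClaims { // anything else needs an accepted claim
		if pc.Claim == attr.Resource {
			if pc.State == "Accepted" {
				return true, "permission claim accepted by workspace owner"
			}
			return false, fmt.Sprintf("permission claim for %s rejected by workspace owner", attr.Resource.Resource)
		}
	}
	return false, fmt.Sprintf("no permission claim for %s", attr.Resource.Resource)
}

// NewSampleAuthorizer builds an authorizer over constructed sample data: one
// export, one workspace bound to it with a rejected claim, one unbound workspace.
func NewSampleAuthorizer() *BindingAuthorizer {
	export := APIExport{
		Ref:       APIExportRef{Cluster: "root:provider", Name: "widgets.example.com"},
		Resources: []GroupResource{{Group: "example.com", Resource: "widgets"}},
	}
	return &BindingAuthorizer{Export: export, bindings: []APIBinding{{
		Cluster: "root:tenant-a", Export: export.Ref,
		PermissionClaims: []AcceptablePermissionClaim{
			{Claim: GroupResource{Group: "", Resource: "configmaps"}, State: "Accepted"},
			{Claim: GroupResource{Group: "", Resource: "secrets"}, State: "Rejected"},
		},
	}}}
}

func main() {
	a := NewSampleAuthorizer()
	for _, attr := range []Attributes{
		{TargetCluster: "root:tenant-a", Verb: "create", Resource: GroupResource{"example.com", "widgets"}},
		{TargetCluster: "root:tenant-a", Verb: "create", Resource: GroupResource{"", "configmaps"}},
		{TargetCluster: "root:tenant-a", Verb: "delete", Resource: GroupResource{"", "secrets"}},
		{TargetCluster: "root:tenant-b", Verb: "delete", Resource: GroupResource{"", "configmaps"}},
	} {
		ok, reason := a.Authorize(attr)
		fmt.Printf("%s %s in %s: allowed=%v (%s)\n", attr.Verb, attr.Resource.Resource, attr.TargetCluster, ok, reason)
	}
}
```

The order of the checks matters: binding existence is evaluated first so that an unbound workspace is denied even for the export's own resource types, and a rejected claim is an explicit deny rather than falling through to a default.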

Attack Vector

The attack can be executed remotely over the network by any authenticated user with low-level privileges. No user interaction is required, and the CVSS scope is changed, meaning the vulnerability can affect resources beyond the vulnerable component's security scope (here, workspaces other than the ones the attacker is authorized in).

An attacker could exploit this vulnerability by:

  1. Authenticating to the kcp control plane with minimal privileges
  2. Targeting any arbitrary workspace via the APIExport VirtualWorkspace
  3. Creating or deleting pre-existing resource types without requiring an APIBinding
  4. Bypassing explicitly rejected permission claims set by workspace owners
Patch excerpt (Go) from the fix commit https://github.com/kcp-dev/kcp/commit/614ecbf35f11db00f65391ab6fbb1547ca8b5d38, introducing the new binding authorizer. Added lines are prefixed with +; the excerpt shown here ends within the import block:

+/*
+Copyright 2025 The KCP Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package authorizer
+
+import (
+	"context"
+	"fmt"
+	"slices"
+	"strings"
+
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apiserver/pkg/authorization/authorizer"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+
+	kcpkubernetesclientset "github.com/kcp-dev/client-go/kubernetes"
+	"github.com/kcp-dev/logicalcluster/v3"
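Review bot: the excerpt stops inside the import block (no closing parenthesis, no authorizer type and no Authorize method), so the APIBinding-existence and permission-claim-acceptance checks this page attributes to pkg/virtual/apiexport/authorizer/binding.go cannot be reviewed from what is shown; the imports of k8s.io/apiserver/pkg/authorization/authorizer, the kcp client-go clientset and logicalcluster/v3 are consistent with a new authorizer that resolves bindings per logical cluster, but the decision logic, its deny-by-default behaviour and its tests must be checked in the linked commit rather than inferred here.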


Detection Methods for CVE-2025-29922

Indicators of Compromise

  • Unexpected object creation or deletion events in workspaces without corresponding APIBinding resources
  • API audit logs showing cross-workspace operations from users without proper APIBinding permissions
  • Resource modifications in workspaces where permission claims were explicitly rejected
  • Unusual activity patterns in the APIExport VirtualWorkspace endpoint

Detection Strategies

  • Monitor kcp audit logs for APIExport VirtualWorkspace operations targeting workspaces without valid APIBindings
  • Implement alerts for create/delete operations on pre-existing resources across workspace boundaries
  • Review API server logs for authorization decisions that may indicate bypass attempts
  • Deploy runtime security monitoring to detect anomalous cross-workspace resource manipulation

Monitoring Recommendations

  • Enable comprehensive audit logging for all APIExport VirtualWorkspace operations
  • Configure alerting thresholds for cross-workspace operations exceeding baseline activity
  • Implement workspace inventory tracking to detect unauthorized resource creation or deletion
  • Regularly audit APIBinding configurations across all workspaces to establish normal patterns

How to Mitigate CVE-2025-29922

Immediate Actions Required

  • Upgrade kcp to version 0.26.3 or 0.27.0 immediately to address this vulnerability
  • Audit all workspaces for unauthorized resource modifications that may have occurred prior to patching
  • Review API audit logs for evidence of exploitation attempts
  • Verify APIBinding configurations across all workspaces to ensure proper access controls

Patch Information

The kcp development team has released security patches in versions 0.26.3 and 0.27.0. The fix introduces a proper binding authorizer that validates APIBinding presence and permission claim acceptance before authorizing cross-workspace create and delete operations.

For detailed patch information, refer to:

Workarounds

  • Restrict network access to the kcp control plane to trusted users and services only
  • Implement additional network-level access controls to limit APIExport VirtualWorkspace exposure
  • Monitor and audit all cross-workspace operations until patches can be applied
  • Consider temporarily disabling APIExport functionality if not operationally required
Shell commands to confirm the running version after upgrading (adjust the namespace to where kcp is deployed in your installation):

# Verify the kcp version after upgrade
kcp version

# List the container images of kcp deployments to compare the tag against the fixed versions 0.26.3 / 0.27.0
kubectl get deployment -n kcp-system -o jsonpath='{.items[*].spec.template.spec.containers[*].image}'

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
