
Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters


An unpatched security vulnerability in Argo CD's repo-server component could allow unauthenticated attackers to execute arbitrary code and take over Kubernetes clusters. With no official patch available, enabling network isolation is currently the only viable defense.

Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component's internal network port.

Synacktiv, which found the bug, says it can lead to a full cluster takeover. There is no fix and no CVE. The firm says it reported the flaw to Argo CD's maintainers in January 2025; roughly eighteen months later, it remains unpatched, so it published the details to warn users.

The bug sits in repo-server, the Argo CD component that reads Git repositories and builds Kubernetes manifests, the files that define what the cluster deploys.

Its internal gRPC service has no authentication; anyone who can reach it can send a crafted request to run a command. Synacktiv demonstrated the attack against Argo CD v2.13.3 and reports no patched release; it did not publish a full list of affected versions.

The technique abuses kustomize, a standard tool Argo CD runs to turn repository files into manifests. Kustomize has a --helm-command option that points to the helm binary it should call.

Synacktiv found that an unauthenticated request to the repo-server's GenerateManifest service can set that option to a script instead, pulled from an attacker-controlled Git repository. When kustomize runs, it executes the script rather than helm.

The repo-server port is internal to the cluster, but "internal" does not mean isolated by default. Argo CD ships Kubernetes network policies that wall the repo-server off from everything except its own components.

Synacktiv found the Helm chart, a common way to install Argo CD, leaves those policies off by default, with networkPolicy.create set to false. In that setup, an attacker who compromises a single pod in the cluster can reach the repo-server and trigger the bug.

Running code on the repo-server is not the end of it. Synacktiv used that access to read the cluster's Redis password from an environment variable, connect to Argo CD's Redis cache, and poison the stored deployment data. On the next automatic sync, Argo CD deployed an attacker-supplied workload.

That step revives CVE-2024-31989, a 2024 flaw Cycode found where Argo CD's Redis had no password, letting any pod in the cluster poison the deployment cache. Argo CD fixed that by adding a Redis password, but the cache itself is still not signed, so stealing the password back reopens the same attack.

What to do

There is no patched version, so the defense is network isolation. Turn on Kubernetes network policies so only Argo CD's own components can reach the repo-server and Redis ports. Argo CD provides the policy files; Helm users have to enable them because the chart leaves them off.

Check what is active with kubectl get networkpolicy -A. A healthy install shows one network policy per component, including the repo-server and Redis. If those policies are missing, the repo-server and Redis ports are reachable from the rest of the cluster.
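As an added illustration (not Argo CD's own files or Synacktiv's), the chart setting that leaves the repo-server exposed beside the corrected one, followed by what an ingress policy for the repo-server looks like, modelled on the shape of Argo CD's upstream policy. Assumed values: the argocd namespace, the app.kubernetes.io/name pod labels, and port 8081 as the repo-server gRPC port.

```yaml
# --- values.yaml for the Argo CD Helm chart ---
# Chart default (the exposed configuration described in the article):
#   networkPolicy:
#     create: false
# Corrected setting, so the chart renders the per-component policies:
networkPolicy:
  create: true

# --- What the repo-server policy looks like once enabled ---
# Default-deny ingress to repo-server pods; only the listed Argo CD
# components may reach the gRPC port. Labels and port are assumptions.
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: argocd-repo-server-network-policy
  namespace: argocd
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/name: argocd-repo-server
  policyTypes:
  - Ingress            # selecting Ingress with an explicit allow list denies all other sources
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app.kubernetes.io/name: argocd-server
    - podSelector:
        matchLabels:
          app.kubernetes.io/name: argocd-application-controller
    - podSelector:
        matchLabels:
          app.kubernetes.io/name: argocd-applicationset-controller
    - podSelector:
        matchLabels:
          app.kubernetes.io/name: argocd-notifications-controller
    ports:
    - protocol: TCP
      port: 8081       # repo-server gRPC port (assumed default)
```

The Redis policy follows the same shape with the Redis pod selector and port; network policies are only enforced if the cluster's CNI plugin supports them, so confirm that as well as the policy's presence.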

Synacktiv built a tool, argo-cdown, that automates the full attack. It is holding the tool back for now to give defenders time to lock down their network policies, and says it will publish it on GitHub later so administrators can test their own deployments.

This is not Argo CD's first exposure of its own internals. In September 2025, it patched CVE-2025-55190, where an API token with only basic read access could pull back a project's Git repository credentials, a flaw that The Hacker News flagged at the time.

In May 2026, another bug, CVE-2026-42880, allowed read-only users to read plaintext Kubernetes secrets. The pattern is hard to miss: Argo CD concentrates cluster access and repository secrets, and its internal surfaces keep handing them out, to an unauthenticated request in one bug and a low-privilege token in the next.

Until a patch ships, treating the cluster network as hostile is the only real defense.

© 2026 Now Let Us. All rights reserved.

Source: The Hacker News

