TF 0167 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Access to host process
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Vulnerability Type | misconfiguration |
Description
Enabling 'hostProcess' in the security context of Windows pods allows containers to run with privileged access to the underlying Windows node, bypassing normal isolation boundaries. This setting can expose the host to elevated risks by granting containers system-level permissions.
Impact
If exploited, an attacker gaining access to a hostProcess-enabled container could execute commands with high privileges on the Windows node, potentially leading to full host compromise, persistence, and lateral movement across the cluster or broader network.
Resolution
Do not enable 'hostProcess' in any securityContext.
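As an added example (not part of this database entry), the following Python check walks an already-parsed Kubernetes Pod or workload manifest and reports every pod-level or container-level securityContext whose windowsOptions.hostProcess is set to true; the manifests are constructed for the example, and the function names are assumptions.

```python
import copy

def _flag(ctx, path, findings):
    """Append a finding if this securityContext enables hostProcess."""
    opts = (ctx or {}).get("windowsOptions") or {}
    if opts.get("hostProcess") is True:
        findings.append(f"{path}.securityContext.windowsOptions.hostProcess")

def _check_pod_spec(spec, path, findings):
    """Check the pod-level context and every container-level context."""
    _flag(spec.get("securityContext"), path, findings)
    for kind in ("initContainers", "containers", "ephemeralContainers"):
        for i, c in enumerate(spec.get(kind) or []):
            _flag(c.get("securityContext"), f"{path}.{kind}[{c.get('name', i)}]", findings)

def find_host_process(manifest):
    """Return every location in a Kubernetes manifest (Pod, or a workload
    with spec.template) where hostProcess is enabled; [] means clean."""
    findings = []
    spec = manifest.get("spec") or {}
    if manifest.get("kind") == "Pod":
        _check_pod_spec(spec, "spec", findings)
    else:  # Deployment, DaemonSet, StatefulSet, Job, ReplicaSet
        _check_pod_spec((spec.get("template") or {}).get("spec") or {},
                        "spec.template.spec", findings)
    return findings

# Constructed sample: a Windows Deployment that enables hostProcess both on the
# pod and on its main container (the misconfiguration this entry describes).
BAD_MANIFEST = {
    "kind": "Deployment",
    "spec": {"template": {"spec": {
        "securityContext": {"windowsOptions": {"hostProcess": True}},
        "containers": [{
            "name": "agent", "image": "example/agent:1.0",
            "securityContext": {"windowsOptions": {"hostProcess": True}},
        }],
    }}},
}

# The corrected workload: identical except hostProcess is not enabled anywhere.
GOOD_MANIFEST = copy.deepcopy(BAD_MANIFEST)
pod_spec = GOOD_MANIFEST["spec"]["template"]["spec"]
pod_spec.pop("securityContext")
pod_spec["containers"][0]["securityContext"]["windowsOptions"]["hostProcess"] = False
```

Running `find_host_process` over each manifest returns the two offending paths for the first and an empty list for the corrected copy, which is what an admission policy or CI linter would gate on.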