CVE-2025-66626
Published: 09 December 2025
Summary
CVE-2025-66626 is a high-severity Relative Path Traversal (CWE-23) vulnerability in Argoproj Argo Workflows. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked at the 29.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires timely remediation of the specific flaw in Argo Workflows' untar code that mishandles symbolic link targets, preventing exploitation via patching to fixed versions 3.6.14 or 3.7.5.
Mandates validation of information inputs such as tar archives to block malformed symbolic links enabling path traversal and arbitrary file overwrites outside intended directories.
Enforces integrity verification of critical files like /var/run/argo/argoexec to detect or prevent execution of overwritten malicious scripts at pod startup.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability enables remote exploitation of Argo Workflows service via malicious tar archives with symlinks (T1210), allows low-priv Kubernetes users to achieve arbitrary code execution in pod context for potential priv esc (T1068), and facilitates overwriting argoexec script executed at pod startup (T1543.005).
NVD Description
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions 3.6.13 and below and versions 3.7.0 through 3.7.4, contain unsafe untar code that handles symbolic links in archives. Concretely, the computation of a link's…
more
target and the subsequent check are flawed. An attacker can overwrite the file /var/run/argo/argoexec with a script of their choice, which would be executed at the pod's start. The patch deployed against CVE-2025-62156 is ineffective against malicious archives containing symbolic links. This issue is fixed in versions 3.6.14 and 3.7.5.
Deeper analysisAI
CVE-2025-66626 is a vulnerability in Argo Workflows, an open-source container-native workflow engine for orchestrating parallel jobs on Kubernetes. It affects versions 3.6.13 and below, as well as versions 3.7.0 through 3.7.4, due to unsafe untar code that mishandles symbolic links in archives. Specifically, the computation of a symbolic link's target and the subsequent security check are flawed, enabling file overwrites outside intended directories. The issue carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H) and maps to CWEs-23 (Relative Path Traversal), CWE-78 (OS Command Injection), and CWE-59 (Symbolic Link Following).
An attacker requires low privileges (PR:L), such as those of an authenticated Kubernetes user able to submit workflows, and network access to the Argo server. By supplying a malicious archive containing symbolic links during workflow execution, they can overwrite the file /var/run/argo/argoexec with a custom script. This script executes automatically at the pod's startup, granting high-impact integrity and availability disruption, such as arbitrary code execution within the pod's context.
GitHub Security Advisories (GHSA-p84v-gxvw-73pf and GHSA-xrqc-7xgx-c9vh) confirm the vulnerability and note that the patch for the related CVE-2025-62156 fails against symbolic link attacks. Mitigation requires upgrading to Argo Workflows versions 3.6.14 or 3.7.5, where the fix addresses the flawed link target computation in executor.go (lines 1034-1037) via commit 6b92af23f35aed4d4de8b04adcaf19d68f006de1.
Details
- CWE(s)