CVE-2025-32955: CWE-268: Privilege Chaining in step-security harden-runner
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to `disable-sudo` bypass. Harden-Runner includes a policy option `disable-sudo` to prevent the GitHub Actions runner user from using sudo. This is implemented by removing the runner user from the sudoers file. However, this control can be bypassed as the runner user, being part of the docker group, can interact with the Docker daemon to launch privileged containers or access the host filesystem. This allows the attacker to regain root access or restore the sudoers file, effectively bypassing the restriction. This issue has been patched in version 2.12.0.
AI Analysis
Technical Summary
CVE-2025-32955 is a privilege chaining vulnerability affecting the step-security product 'harden-runner', a CI/CD security agent designed to function as an Endpoint Detection and Response (EDR) tool for GitHub Actions runners. The vulnerability exists in versions from 0.12.0 up to, but not including, 2.12.0. Harden-Runner includes a security policy option called 'disable-sudo' intended to prevent the GitHub Actions runner user from executing commands with elevated privileges via sudo. This is implemented by removing the runner user from the sudoers file, effectively denying sudo access. However, the runner user is also a member of the docker group, which grants it the ability to interact with the Docker daemon. This membership allows the user to launch privileged Docker containers or access the host filesystem through Docker. An attacker who has control over the runner user can exploit this to regain root privileges or restore the sudoers file, thereby bypassing the 'disable-sudo' restriction. This constitutes a privilege escalation vulnerability through improper privilege management and chaining (CWE-268 and CWE-269). The issue was identified and patched in version 2.12.0 of harden-runner. There are no known exploits in the wild at the time of publication, but the vulnerability presents a significant risk in environments where hardened CI/CD runners are used with Docker privileges enabled. The vulnerability leverages the intersection of container privileges and host system permissions, highlighting the risks of granting CI/CD runner users membership in privileged groups such as docker without additional controls.
Potential Impact
For European organizations relying on GitHub Actions for CI/CD pipelines and deploying harden-runner versions prior to 2.12.0, this vulnerability poses a significant risk of privilege escalation. An attacker who gains access to the GitHub Actions runner user account could exploit the Docker group membership to escalate privileges to root on the host system. This could lead to full system compromise, unauthorized code execution, data exfiltration, or disruption of build and deployment processes. The impact extends to the integrity and availability of the CI/CD infrastructure, potentially affecting software supply chain security. Organizations in sectors with stringent compliance requirements, such as finance, healthcare, and critical infrastructure, could face regulatory and reputational damage if exploited. The vulnerability undermines the security controls intended to limit privilege escalation, thereby increasing the attack surface of automated build environments. Given the widespread adoption of GitHub Actions and Docker in European enterprises, the risk is material, especially where hardened-runner is deployed without timely patching. The lack of known exploits in the wild reduces immediate risk but does not preclude targeted attacks or future exploitation.
Mitigation Recommendations
Upgrade harden-runner to version 2.12.0 or later, where the vulnerability is patched. Review and restrict membership of the GitHub Actions runner user in the docker group. Where possible, avoid granting docker group privileges to the runner user or isolate Docker daemon access using rootless Docker or socket proxying techniques. Implement strict access controls and monitoring on CI/CD runners, including logging Docker daemon interactions and detecting anomalous container launches. Use container runtime security tools to enforce least privilege and prevent privileged container execution from untrusted sources. Consider segregating CI/CD runners in isolated environments or virtual machines to limit host impact if compromised. Regularly audit sudoers and group memberships to ensure no unauthorized privilege escalations are possible. Employ multi-factor authentication and credential vaulting for GitHub Actions runner credentials to reduce risk of initial compromise. Incorporate runtime behavioral detection to identify attempts to exploit Docker daemon access for privilege escalation.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Belgium, Ireland
CVE-2025-32955: CWE-268: Privilege Chaining in step-security harden-runner
Description
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to `disable-sudo` bypass. Harden-Runner includes a policy option `disable-sudo` to prevent the GitHub Actions runner user from using sudo. This is implemented by removing the runner user from the sudoers file. However, this control can be bypassed as the runner user, being part of the docker group, can interact with the Docker daemon to launch privileged containers or access the host filesystem. This allows the attacker to regain root access or restore the sudoers file, effectively bypassing the restriction. This issue has been patched in version 2.12.0.
AI-Powered Analysis
Technical Analysis
CVE-2025-32955 is a privilege chaining vulnerability affecting the step-security product 'harden-runner', a CI/CD security agent designed to function as an Endpoint Detection and Response (EDR) tool for GitHub Actions runners. The vulnerability exists in versions from 0.12.0 up to, but not including, 2.12.0. Harden-Runner includes a security policy option called 'disable-sudo' intended to prevent the GitHub Actions runner user from executing commands with elevated privileges via sudo. This is implemented by removing the runner user from the sudoers file, effectively denying sudo access. However, the runner user is also a member of the docker group, which grants it the ability to interact with the Docker daemon. This membership allows the user to launch privileged Docker containers or access the host filesystem through Docker. An attacker who has control over the runner user can exploit this to regain root privileges or restore the sudoers file, thereby bypassing the 'disable-sudo' restriction. This constitutes a privilege escalation vulnerability through improper privilege management and chaining (CWE-268 and CWE-269). The issue was identified and patched in version 2.12.0 of harden-runner. There are no known exploits in the wild at the time of publication, but the vulnerability presents a significant risk in environments where hardened CI/CD runners are used with Docker privileges enabled. The vulnerability leverages the intersection of container privileges and host system permissions, highlighting the risks of granting CI/CD runner users membership in privileged groups such as docker without additional controls.
Potential Impact
For European organizations relying on GitHub Actions for CI/CD pipelines and deploying harden-runner versions prior to 2.12.0, this vulnerability poses a significant risk of privilege escalation. An attacker who gains access to the GitHub Actions runner user account could exploit the Docker group membership to escalate privileges to root on the host system. This could lead to full system compromise, unauthorized code execution, data exfiltration, or disruption of build and deployment processes. The impact extends to the integrity and availability of the CI/CD infrastructure, potentially affecting software supply chain security. Organizations in sectors with stringent compliance requirements, such as finance, healthcare, and critical infrastructure, could face regulatory and reputational damage if exploited. The vulnerability undermines the security controls intended to limit privilege escalation, thereby increasing the attack surface of automated build environments. Given the widespread adoption of GitHub Actions and Docker in European enterprises, the risk is material, especially where hardened-runner is deployed without timely patching. The lack of known exploits in the wild reduces immediate risk but does not preclude targeted attacks or future exploitation.
Mitigation Recommendations
Upgrade harden-runner to version 2.12.0 or later, where the vulnerability is patched. Review and restrict membership of the GitHub Actions runner user in the docker group. Where possible, avoid granting docker group privileges to the runner user or isolate Docker daemon access using rootless Docker or socket proxying techniques. Implement strict access controls and monitoring on CI/CD runners, including logging Docker daemon interactions and detecting anomalous container launches. Use container runtime security tools to enforce least privilege and prevent privileged container execution from untrusted sources. Consider segregating CI/CD runners in isolated environments or virtual machines to limit host impact if compromised. Regularly audit sudoers and group memberships to ensure no unauthorized privilege escalations are possible. Employ multi-factor authentication and credential vaulting for GitHub Actions runner credentials to reduce risk of initial compromise. Incorporate runtime behavioral detection to identify attempts to exploit Docker daemon access for privilege escalation.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2025-04-14T21:47:11.451Z
- Cisa Enriched
- true
Threat ID: 682d984ac4522896dcbf78af
Added to database: 5/21/2025, 9:09:30 AM
Last enriched: 6/21/2025, 4:08:23 PM
Last updated: 8/11/2025, 5:13:34 AM
Views: 16
Related Threats
CVE-2025-2713: CWE-269 Improper Privilege Management in Google gVisor
MediumCVE-2025-8916: CWE-770 Allocation of Resources Without Limits or Throttling in Legion of the Bouncy Castle Inc. Bouncy Castle for Java
MediumCVE-2025-8914: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in WellChoose Organization Portal System
HighCVE-2025-8913: CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') in WellChoose Organization Portal System
CriticalCVE-2025-8912: CWE-36 Absolute Path Traversal in WellChoose Organization Portal System
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.