Introduction
Privileged operators in OpenBao can bypass intended security controls to execute code on the host by abusing the audit subsystem. This flaw impacts any deployment relying on operator privilege separation for secrets management, exposing sensitive environments to code execution and network access risks.
OpenBao is an open-source secrets management platform designed for managing, storing, and distributing sensitive data such as secrets, certificates, and keys. While not as widely adopted as some commercial solutions, it is gaining traction in organizations seeking open-source alternatives for secure secrets management. The project has seen rapid development and adoption, but has also faced several critical vulnerabilities in recent releases.
Technical Information
OpenBao versions 2.3.1 and below are affected by a code injection vulnerability in the audit subsystem. In these versions, privileged API operators can configure audit devices using the sys/audit/* endpoints. The audit device configuration includes a prefix parameter, which is intended to prepend a custom string to each audit log entry for context or categorization.
The vulnerability arises because input to the prefix parameter is not properly sanitized. A privileged operator can inject arbitrary code or commands into the prefix. When audit events are triggered, the system constructs log entries by concatenating the prefix with the audit data. If the prefix contains executable content, it can be interpreted as code by the underlying host or by external log processing systems. This enables the operator to execute unauthorized code or establish network connections, violating the intended security restrictions.
The root cause is insufficient input validation and sanitization of the prefix parameter in the audit device configuration. The vulnerability is addressed in version 2.3.2, which introduces new configuration options to disable audit mount creation via the API (unsafe_allow_api_audit_creation) and to disable audit log prefixing (allow_audit_log_prefixing).
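The following is an added illustration, not code from the OpenBao project, of what "properly sanitized" means for a value that is written verbatim at the head of every log record. The allowlist pattern, the function names and the constructed event are assumptions for this example; the unchecked variant shows the concatenation pattern the advisory describes, and the hardened variant rejects any prefix that could alter how the log file is interpreted.

```python
import json
import re

# Strict allowlist for an audit log prefix (an assumption for this example, not OpenBao's own
# rule): printable ASCII only, no control characters or newlines, bounded length.
PREFIX_PATTERN = re.compile(r"^[A-Za-z0-9 _.:\-\[\]]{0,64}$")


def validate_prefix(prefix: str) -> str:
    """Return the prefix if it is safe to place verbatim at the head of every log record,
    otherwise raise ValueError. Control characters (newlines included) are rejected because
    whatever reads the file next will treat them as record boundaries."""
    if not PREFIX_PATTERN.fullmatch(prefix):
        raise ValueError("audit log prefix contains disallowed characters or is too long")
    return prefix


def format_audit_line_unchecked(prefix: str, event: dict) -> str:
    """The unsafe pattern: operator-supplied prefix concatenated verbatim with the event."""
    return prefix + json.dumps(event, separators=(",", ":")) + "\n"


def format_audit_line(prefix: str, event: dict) -> str:
    """Hardened variant: the prefix must pass validation before it reaches the log."""
    return validate_prefix(prefix) + json.dumps(event, separators=(",", ":")) + "\n"


def parse_records(raw_log: str) -> list[str]:
    """Split a log file into records the way a line-oriented consumer would."""
    return [line for line in raw_log.split("\n") if line]


# Constructed audit event and prefixes (hypothetical values for this example).
EVENT = {"type": "request", "request": {"path": "secret/data/app", "operation": "read"}}
SAFE_PREFIX = "app-prod: "
# A prefix carrying a newline turns one event into two records, which is the property an
# allowlist has to rule out: the operator, not the audit device, decides what the file contains.
FORGING_PREFIX = "forged-record\n"


if __name__ == "__main__":
    print(parse_records(format_audit_line_unchecked(FORGING_PREFIX, EVENT)))
    print(parse_records(format_audit_line(SAFE_PREFIX, EVENT)))
    try:
        format_audit_line(FORGING_PREFIX, EVENT)
    except ValueError as exc:
        print("rejected:", exc)
```

The allowlist is deliberately narrow; a deny-list of known-bad characters is the pattern that tends to miss the one character a downstream consumer happens to care about.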
Patch Information
OpenBao version 2.3.2 addresses this vulnerability by restricting access to the sys/audit/* interface and implementing additional security measures. All deployments running versions 2.3.1 or below should upgrade to 2.3.2 or later immediately.
- OpenBao 2.3.0 Release Notes
- OpenBao 2.2.0 Release Notes
- Snyk Advisory SNYK-CHAINGUARDLATEST-OPENBAO-9402424
- Snyk Advisory SNYK-CHAINGUARDLATEST-OPENBAO-9458919
- GitHub Advisory GHSA-xp75-r577-cvhp
Detection Methods
Detection of this vulnerability and potential exploitation involves monitoring for the following indicators:
- Audit Log Prefix Manipulation: Watch for unauthorized or unusual changes to the audit log prefix in the audit device configuration.
- Unexpected File System Access: Track file system activities initiated by OpenBao, especially creation or modification of binaries or scripts.
- Anomalous Network Connections: Watch for unexpected outbound TCP connections from the OpenBao server to external hosts.
Implementing comprehensive logging and real-time alerting for these activities is recommended.
Reference: GitHub Advisory GHSA-xp75-r577-cvhp
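As an added example (not code from OpenBao or the advisory), the scanner below implements the first two indicators from the Detection Methods section against constructed OpenBao audit log lines, and checks a parsed server configuration for the two hardening options named in the Patch Information section. Assumed details: the audit log is one JSON object per line with `request.path`, `request.operation` and `request.data.options` as shown; request data values are normally HMACed by the audit device, so the detection keys on the presence of the `prefix` option rather than its value; the allowed log directory and the placement of the hardening options as top-level boolean keys are assumptions for this example.

```python
import json
from typing import Iterable

# Constructed sample audit log lines (one JSON object per line), not captured from a real
# OpenBao deployment. Values under request.data are normally HMACed, so the checks below key
# on path, operation and the presence of the prefix option, never on the prefix value.
SAMPLE_AUDIT_LINES = [
    json.dumps({"type": "request", "time": "2025-07-01T10:00:00Z",
                "auth": {"display_name": "token-ops-admin"},
                "request": {"operation": "update", "path": "sys/audit/file",
                            "data": {"type": "file",
                                     "options": {"file_path": "/var/log/openbao/audit.log"}}}}),
    json.dumps({"type": "request", "time": "2025-07-01T10:05:00Z",
                "auth": {"display_name": "token-ops-admin"},
                "request": {"operation": "update", "path": "sys/audit/file2",
                            "data": {"type": "file",
                                     "options": {"file_path": "/tmp/audit2.log",
                                                 "prefix": "hmac-sha256:0123abcd"}}}}),
    json.dumps({"type": "request", "time": "2025-07-01T10:06:00Z",
                "auth": {"display_name": "token-app"},
                "request": {"operation": "read", "path": "secret/data/app"}}),
    "not json at all",  # a malformed line the scanner must tolerate
]

AUDIT_MOUNT_PATH = "sys/audit/"
MUTATING_OPS = {"create", "update"}
ALLOWED_LOG_DIRS = ("/var/log/openbao/",)  # assumption: where audit files are expected to live


def find_audit_device_risks(lines: Iterable[str]) -> list[dict]:
    """Scan audit log lines for audit-device writes that carry a prefix option or point a
    file device outside the allowed log directory. Returns one finding per suspicious request."""
    findings = []
    for raw in lines:
        try:
            entry = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the whole scan
        if entry.get("type") != "request":
            continue
        req = entry.get("request") or {}
        path = req.get("path", "")
        if not path.startswith(AUDIT_MOUNT_PATH) or req.get("operation") not in MUTATING_OPS:
            continue
        options = (req.get("data") or {}).get("options") or {}
        reasons = []
        if "prefix" in options:
            reasons.append("audit device configured with a log prefix")
        file_path = options.get("file_path", "")
        if file_path and not file_path.startswith(ALLOWED_LOG_DIRS):
            reasons.append(f"audit file_path outside allowed log directory: {file_path}")
        if reasons:
            findings.append({"time": entry.get("time"),
                             "actor": (entry.get("auth") or {}).get("display_name"),
                             "path": path,
                             "reasons": reasons})
    return findings


# Hardening options the advisory names for 2.3.2. Assumption: they are top-level boolean keys
# in the parsed server configuration (OpenBao accepts JSON or HCL configuration files).
HARDENED_SETTINGS = {"unsafe_allow_api_audit_creation": False,
                     "allow_audit_log_prefixing": False}


def config_findings(config: dict) -> list[str]:
    """Report each hardening option that is missing or set permissively."""
    problems = []
    for key, wanted in HARDENED_SETTINGS.items():
        if key not in config:
            problems.append(f"{key} not set; confirm the default on the running version")
        elif config[key] != wanted:
            problems.append(f"{key}={config[key]!r}; expected {wanted!r}")
    return problems


if __name__ == "__main__":
    for finding in find_audit_device_risks(SAMPLE_AUDIT_LINES):
        print(finding)
    print(config_findings({"allow_audit_log_prefixing": True}))
```

In practice the scanner would read the live audit log or a SIEM export instead of the constructed list, and any finding on sys/audit/* should be correlated with the change ticket that authorised it, since on versions below 2.3.2 the request itself is a legitimate operator action.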
Affected Systems and Versions
- OpenBao versions 2.3.1 and below are affected.
- Any deployment where privileged API operators have write access to the sys/audit/* endpoints is vulnerable.
- The vulnerability is fixed in version 2.3.2.
Vendor Security History
OpenBao has addressed several critical vulnerabilities in recent releases, including:
- CVE-2025-52894: Unauthenticated users could cancel root rekey and recovery rekey operations (fixed in 2.3.1)
- CVE-2025-52893: Other privilege escalation issues
The vendor has demonstrated rapid patch response and provides detailed advisories. However, the frequency of critical issues highlights the need for ongoing security review and improvements.