Proxmox Extension Allows Cross-Tenant Instance Access

Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmox_vmid, to associate CloudStack instances with Proxmox virtual machines. Because this value is not restricted or validated against tenant ownership and Proxmox VM IDs are predictable, a non-privileged attacker can modify the setting to reference a VM belonging to another account. This allows unauthorized cross-tenant access and enables full control over the targeted VM, including starting, stopping, and destroying the virtual machine. Users are recommended to upgrade to version 4.22.0.1, which fixes this issue. As a workaround for the existing installations, editing of the proxmox_vmid instance detail by users can be prevented by adding this detail name to the global configuration parameter - user.vm

Casky was already ahead

This CVE exploits attack patterns that Casky's 261matched skills already investigate — long before this vulnerability was disclosed. Claude's reasoning model maps these techniques to MITRE ATT&CK, so practitioners who ran these skills have already seen the threat behaviour in their findings.

Analysis

CVE-2026-25199 is a critical authorization bypass vulnerability in Apache CloudStack's Proxmox extension that allows attackers to access virtual machine instances belonging to other tenants. The flaw stems from improper validation of the proxmox_vmid parameter—a user-editable instance setting that CloudStack uses to map its instances to underlying Proxmox VMs. Since Proxmox VM IDs are predictable and not validated against tenant ownership, a non-privileged attacker can modify this value to gain unauthorized access to instances outside their tenant boundary. This affects CloudStack versions 4.21.0.0 through 4.22.0.0 and represents a severe risk for multi-tenant cloud environments where tenant isolation is fundamental to security and compliance.

Casky's 261 matching skills—powered by Claude AI's extended reasoning—map directly to MITRE ATT&CK techniques TA0043 (Reconnaissance) and TA0009 (Collection), helping practitioners identify the attack chain. Practitioners would see detection signals including: suspicious instance metadata modification attempts targeting proxmox_vmid parameters, cross-tenant API calls with modified VM identifiers, and unauthorized access to instance resources outside expected tenant scope. Casky's skills would correlate these signals with known privilege escalation and data exfiltration patterns, flagging the reconnaissance phase when attackers enumerate predictable Proxmox VM IDs and the collection phase when they access unauthorized instance data. The platform would highlight configuration drift in instance settings and anomalous API patterns that indicate someone is systematically probing tenant boundaries—critical indicators that this vulnerability is being actively exploited in your environment.

Live Threat IntelligenceComing soon

Casky Risk Score

—

EPSS Probability

—

Shodan Exposure

—

GreyNoise Signal

—

Composite risk scoring from EPSS, CISA KEV, Shodan, and GreyNoise — 21 security APIs correlated into a single Casky Risk Score. Coming in Casky Pro. Join early access →

261 Casky skills cover this attack pattern

These skills use Claude AI's reasoning model to surface findings in the same attack categories as CVE-2026-25199.

acquiring-disk-image-with-dd-and-dcfldd

digital forensics · low

Run

analyzing-apt-group-with-mitre-navigator

threat intelligence · low

Run

analyzing-browser-forensics-with-hindsight

digital forensics · low

Run

MITRE ATT&CK Techniques

TA0043 TA0009

Investigate the attack patterns behind CVE-2026-25199

Casky has 261 skills that investigate the attack patterns behind CVE-2026-25199. Run one and get CVSS-scored findings in 3 minutes.

Run the skill that detects this →

X Instagram LinkedIn