Product
A critical privilege escalation vulnerability exists in Rancher Manager where a Project Owner can modify Pod Security Admission (PSA) labels on namespaces within their projects, allowing them to configure a namespace to use the privileged profile, which enables the deployment of privileged workloads that bypass standard container isolation, leading to host-level access and cluster privilege escalation.