An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster.
There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and use its high-risk privileges to list confidential information across the cluster.