CVE-2026-25212

Percona · Percona Monitoring and Management (PMM)

A privilege escalation vulnerability in Percona PMM allows authenticated users with pmm-admin rights to execute arbitrary shell commands on the underlying host.

Executive summary

Percona PMM versions before 3.7 allow attackers with administrative rights to break out of the database context and execute OS-level commands, leading to full host compromise.

Vulnerability

An internal database user retains excessive superuser privileges. An attacker who already possesses "pmm-admin" rights can abuse the "Add data source" feature to bypass the database sandbox and execute shell commands directly on the underlying operating system.

Business impact

This vulnerability allows for a complete breakout from the application to the operating system. With a CVSS score of 9.9, the impact is critical; an attacker can gain full control of the PMM server, access all monitored data, and potentially pivot into the wider production network monitored by the tool.

Remediation

Immediate Action: Upgrade Percona PMM to version 3.7 or later to remediate both the excessive privilege issue and the command injection vector.

Proactive Monitoring: Monitor the PMM host for unusual shell activity, unauthorized user creation, or unexpected outbound network connections.

Compensating Controls: Restrict "pmm-admin" access to a highly limited group of trusted administrators and implement host-based intrusion detection (HIDS) to alert on suspicious process execution.
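As an added illustration (not Percona's code), the process-tree check a HIDS rule for the "suspicious process execution" control above would implement: it flags any shell whose ancestry includes the internal database server, which is the shape of the database-to-OS breakout this advisory describes. The database process name and the sample process table are assumptions constructed for the example.

```python
from dataclasses import dataclass

# ASSUMPTION: the internal database server shows up under this process name
# on the PMM host; the advisory does not name the engine, so adjust to match
# what `ps -eo pid,ppid,comm,user,args` reports on your own installation.
DB_PROCESS_NAMES = {"postgres"}
SHELLS = {"sh", "bash", "dash", "zsh"}


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: int
    comm: str      # short process name, as in /proc/<pid>/comm
    user: str
    cmdline: str


def ancestor_names(by_pid, pid):
    """Return the comm of each ancestor of pid, nearest parent first."""
    names, seen, cur = [], {pid}, by_pid.get(pid)
    while cur is not None and cur.ppid not in seen:
        seen.add(cur.ppid)
        cur = by_pid.get(cur.ppid)
        if cur is not None:
            names.append(cur.comm)
    return names


def find_db_spawned_shells(procs):
    """Return (pid, user, cmdline) for every shell descended from the database
    server. A shell launched from inside the database is the 'database context
    to OS command' breakout in this advisory; it should never exist on a PMM host."""
    by_pid = {p.pid: p for p in procs}
    return [
        (p.pid, p.user, p.cmdline)
        for p in procs
        if p.comm in SHELLS
        and any(a in DB_PROCESS_NAMES for a in ancestor_names(by_pid, p.pid))
    ]


# Constructed process-table snapshot (not captured from a real PMM host).
SAMPLE = [
    Proc(1, 0, "systemd", "root", "/sbin/init"),
    Proc(200, 1, "postgres", "postgres", "postgres -D /var/lib/postgresql"),
    Proc(210, 200, "postgres", "postgres", "postgres: pmm-managed backend"),
    Proc(300, 210, "sh", "postgres", "sh -c id"),        # breakout: flagged
    Proc(400, 1, "sshd", "root", "sshd: admin [priv]"),
    Proc(410, 400, "bash", "admin", "-bash"),            # admin login shell: not flagged
]
```

Feeding a live snapshot instead of SAMPLE (e.g. built from /proc) turns this into a periodic check; the legitimate SSH login shell in the sample shows the rule does not fire on ordinary administrator activity.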

Exploitation status

Public Exploit Available: No

Analyst recommendation

While exploitation requires administrative access, the ability to move from an application-level admin to an OS-level root user is a critical risk. Organizations must update to PMM 3.7 immediately to ensure the security of their monitoring infrastructure and the sensitive data it contains.