diff --git a/SPECS/etcd/CVE-2024-24786.patch b/SPECS/etcd/CVE-2024-24786.patch
deleted file mode 100644
index 7d4b7aaf768..00000000000
--- a/SPECS/etcd/CVE-2024-24786.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From bb1e9bdc04af19078578d008af166030916eef18 Mon Sep 17 00:00:00 2001
-From: bhapathak <bhapathak@microsoft.com>
-Date: Tue, 3 Dec 2024 14:35:21 +0000
-Subject: [PATCH] Vendor patch applied
-
----
- .../protobuf/encoding/protojson/well_known_types.go            | 3 +++
- .../protobuf/internal/encoding/json/decode.go                  | 2 +-
- 2 files changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/vendor/google.golang.org/protobuf/encoding/protojson/well_known_types.go b/vendor/google.golang.org/protobuf/encoding/protojson/well_known_types.go
-index 6c37d41..3a7d3e7 100644
---- a/vendor/google.golang.org/protobuf/encoding/protojson/well_known_types.go
-+++ b/vendor/google.golang.org/protobuf/encoding/protojson/well_known_types.go
-@@ -348,6 +348,9 @@ func (d decoder) skipJSONValue() error {
- 				}
- 			}
- 		}
-+
-+	case json.EOF:
-+		return errors.New("unexpected EOF")
- 	}
- 	return nil
- }
-diff --git a/vendor/google.golang.org/protobuf/internal/encoding/json/decode.go b/vendor/google.golang.org/protobuf/internal/encoding/json/decode.go
-index d043a6e..d2b3ac0 100644
---- a/vendor/google.golang.org/protobuf/internal/encoding/json/decode.go
-+++ b/vendor/google.golang.org/protobuf/internal/encoding/json/decode.go
-@@ -121,7 +121,7 @@ func (d *Decoder) Read() (Token, error) {
- 
- 	case ObjectClose:
- 		if len(d.openStack) == 0 ||
--			d.lastToken.kind == comma ||
-+			d.lastToken.kind&(Name|comma) != 0 ||
- 			d.openStack[len(d.openStack)-1] != ObjectOpen {
- 			return Token{}, d.newSyntaxError(tok.pos, unexpectedFmt, tok.RawString())
- 		}
--- 
-2.39.4
-
diff --git a/SPECS/etcd/etcd.signatures.json b/SPECS/etcd/etcd.signatures.json
index b6e142fc1a6..5a4ca8a4074 100644
--- a/SPECS/etcd/etcd.signatures.json
+++ b/SPECS/etcd/etcd.signatures.json
@@ -1,7 +1,7 @@
 {
   "Signatures": {
     "etcd.service": "4550a4967ba35670051cbfd9b4edf1fc57c0f1d7a07e51f88351ac44c76d8066",
-    "etcd-3.5.12-vendor.tar.gz": "2427523101fa0c5ec75f8c65224cddac89de86ae2f5d6b07f14ae7ea1b195064",
-    "etcd-3.5.12.tar.gz": "90b56a7f2f43a993d420954322e607a6e6a0ca5549f1f7c7dc3567d2f56678d9"
+    "etcd-3.5.18.tar.gz": "8c8890b15c1a19263ab4ee2b374698c1d76c2b31e9b55bdeea47193aa48d8025",
+    "etcd-3.5.18-vendor.tar.gz": "c8b9c5dac4466a1cc528801aad1664fbd4cc7967f31f495187afd79e01d716f3"
   }
 }
diff --git a/SPECS/etcd/etcd.spec b/SPECS/etcd/etcd.spec
index 43fc23987a6..3c5e07bedef 100644
--- a/SPECS/etcd/etcd.spec
+++ b/SPECS/etcd/etcd.spec
@@ -2,8 +2,8 @@
 
 Summary:        A highly-available key value store for shared configuration
 Name:           etcd
-Version:        3.5.12
-Release:        2%{?dist}
+Version:        3.5.18
+Release:        1%{?dist}
 License:        ASL 2.0
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -44,7 +44,6 @@ Source1:        etcd.service
 #             --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \
 #             -cJf [tarball name] [folder to tar]
 Source2:        %{name}-%{version}-vendor.tar.gz
-Patch0:         CVE-2024-24786.patch
 BuildRequires:  golang >= 1.16
 
 %description
@@ -72,7 +71,6 @@ mkdir -p %{ETCD_OUT_DIR}
 for component in server etcdctl etcdutl; do
     pushd $component
     tar --no-same-owner -xf %{_builddir}/%{name}-%{version}/vendor-$component.tar.gz
-    patch -p1 -s --fuzz=0 --no-backup-if-mismatch -f --input %{PATCH0}
     go build \
         -o %{ETCD_OUT_DIR} \
         -ldflags=-X=go.etcd.io/etcd/api/v3/version.GitSHA=v%{version}
@@ -147,13 +145,16 @@ install -vdm755 %{buildroot}%{_sharedstatedir}/etcd
 /%{_docdir}/%{name}-%{version}-tools/*
 
 %changelog
+* Tue Feb 04 2025 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 3.5.18-1
+- Auto-upgrade to 3.5.18 - Upgrade to fix CVE-2023-39325, CVE-2023-44487 and CVE-2023-45288.
+
 * Tue Dec 03 2024 bhapathak <bhapathak@microsoft.com> - 3.5.12-2
 - Patch CVE-2024-24786
 
 * Fri May 24 2024 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 3.5.12-1
 - Auto-upgrade to 3.5.12 - none
 
-* Tue Oct 18 2023 Nicolas Guibourge <nicolasg@microsoft.com> - 3.5.9-1
+* Wed Oct 18 2023 Nicolas Guibourge <nicolasg@microsoft.com> - 3.5.9-1
 - Upgrade to 3.5.9 to match version required by kubernetes
 
 * Mon Oct 16 2023 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 3.5.6-12
diff --git a/cgmanifest.json b/cgmanifest.json
index 9ffd3bc0b59..994c4f012e7 100644
--- a/cgmanifest.json
+++ b/cgmanifest.json
@@ -3368,8 +3368,8 @@
         "type": "other",
         "other": {
           "name": "etcd",
-          "version": "3.5.12",
-          "downloadUrl": "https://github.com/etcd-io/etcd/archive/v3.5.12.tar.gz"
+          "version": "3.5.18",
+          "downloadUrl": "https://github.com/etcd-io/etcd/archive/v3.5.18.tar.gz"
         }
       }
     },