Docker Desktop danger discovered, patch now
2020-05-26 14:56

Docker has fixed a vulnerability that could have allowed an attacker to gain control of a Windows system using its service.

The bug, discovered by Ceri Coburn, a researcher at security consultancy Pen Test Partners, exposed Docker for Windows to privilege elevation.

Docker is a container system that lets administrators run applications in their own environments.

There are two Docker components running under Windows that are important to this vulnerability: Docker Desktop Service and Docker Desktop for Windows.

Once Docker is connected, we impersonate the connecting client, which is SYSTEM, and launch a new process using the CreateProcessWithTokenW API. CreateProcessWithTokenW is a Win32 API that lets you create new processes.


News URL

https://nakedsecurity.sophos.com/2020/05/26/docker-desktop-danger-discovered-patch-now/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Docker 24 3 26 28 16 73