Privilege Escalation Vulnerability in Docker Desktop

Privilege Escalation Vulnerability in Docker Desktop

CVE-2021-37841 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation modes. This security issue leads an attacker with low privilege to read, write and possibly even execute code inside the containers.

Learn more about our Cis Benchmark Audit For Desktop Software.