A severe privilege escalation vulnerability, tracked as CVE-2020-11492, has been addressed in the Windows Docker Desktop Service. Cybersecurity researchers from Pen Test Partners publicly disclosed a privilege escalation vulnerability in the Windows Docker Desktop Service. The CVE-2020-11492 issue affects the way the service uses named pipes when communicating as a client to child processes. “Docker Desktop for Windows suffers from a privilege escalation vulnerability to SYSTEM. The core of the issue lies with the fact that the Docker Desktop Service, the primary Windows service for Docker, communicates as a client to child processes using named pipes.” reads the analysis published by Pen Test Partners. “The high privilege Docker Desktop Service can be tricked into connecting to a named pipe that has been setup by a malicious lower privilege process. Once the connection is made, the malicious process can then impersonate the Docker Desktop Service account (SYSTEM) and execute arbitrary system commands with the highest level privileges.” Experts discovered that the Docker Desktop Service can be tricked by attackers into connecting to a named pipe that has been set up by a malicious lower privilege process.
Read full article on Security Affairs