Lucene search
Hashim Jawad (@ihack4falafel)ZDI-22-1046HistoryAug 04, 2022 - 12:00 a.m.
Docker Desktop Exposed Dangerous Method Local Privilege Escalation Vulnerability
2022-08-0400:00:00
Hashim Jawad (@ihack4falafel)
www.zerodayinitiative.com
15
0.001 Low
EPSS
Percentile
49.0%
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the com.docker.service module. The module exposes a dangerous function to unprivileged users. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
nessus
nessus
Docker Desktop < 4.5.0 Incorrect File Permissions
2023-09-15 00:00:00
nvd
nvd
CVE-2022-23774
2022-02-01 06:15:06
CVE-2022-25365
2022-02-19 02:15:06
zdi
zdi
Docker Desktop Link Following Denial-of-Service Vulnerability
2022-09-29 00:00:00
cve
cve
CVE-2022-23774
2022-02-01 06:15:06
CVE-2022-25365
2022-02-19 02:15:06
prion
prion
Code injection
2022-02-01 06:15:00
Code injection
2022-02-19 02:15:00
cvelist
cvelist
CVE-2022-23774
2022-02-01 05:30:18
CVE-2022-25365
2022-02-19 01:56:06