CVE-2019-15752 - Docker Desktop Community Edition Privilege Escalation Vulnerability
Project:Docker
Product:Desktop Community Edition
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Docker Desktop Community Edition Privilege Escalation Vulnerability
Description
Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-15752