CVE-2019-15752

high-risk

Published 2019-08-28

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.

Do I need to act?

49.3% chance of exploitation in next 30 days

EPSS score — higher than 51% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

1 public exploit available

48388

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (2)

Docker

Geode

Affected Vendors

Apache Docker

References (7)

Exploit http://packetstormsecurity.com/files/157404/Docker-Credential-Wincred.exe-Privil...

Mailing List https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741...

Exploit https://medium.com/%40morgan.henry.roman/elevation-of-privilege-in-docker-for-wi...

Exploit http://packetstormsecurity.com/files/157404/Docker-Credential-Wincred.exe-Privil...

Mailing List https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741...

Exploit https://medium.com/%40morgan.henry.roman/elevation-of-privilege-in-docker-for-wi...

US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-...

/ 100

high-risk

Severity 24/34 · High

Exploitability 32/34 · Critical

Exposure 7/34 · Low