Security Advisory

CVE-2020-11492

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-05 13:10:17
Last updated 2024-08-04 11:35:12
Assigner mitre
State PUBLISHED

Description

An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonate their privileges.