Unrated severityNVD Advisory· Published Jun 5, 2020· Updated Aug 4, 2024
CVE-2020-11492
CVE-2020-11492
Description
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonate their privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Docker/Docker Desktopdescription
Patches
Vulnerability mechanics
References
2- docs.docker.com/docker-for-windows/release-notes/mitrex_refsource_MISC
- www.pentestpartners.com/security-blog/docker-desktop-for-windows-privesc-cve-2020-11492/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.