CVE-2020-11492

2020-06-05T14:15:00
ID CVE-2020-11492
Type cve
Reporter cve@mitre.org
Modified 2020-06-10T18:27:00

Description

An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonate their privileges.