CVE-2023-0633

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 25, 2023

CWE ID 88

Summary

CVE-2023-0633 is a vulnerability affecting Docker Desktop on Windows prior to version 4.12.0. An argument injection in the installer functionality can be exploited to achieve local privilege escalation (LPE), granting attackers elevated system access. This issue poses a significant risk to systems using unpatched Docker Desktop installations. Users are encouraged to upgrade to the latest version as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Docker Desktop

Affected Vendors

Docker Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/syn7Ir
https://www.cve.org/CVERecord?id=CVE-2023-0633
https://nvd.nist.gov/vuln/detail/CVE-2023-0633

Back to Vulnerability Database