vulnerability

Docker Desktop: CVE-2020-10665: Improper Link Resolution Before File Access

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Mar 18, 2020	Nov 3, 2025	Nov 3, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Mar 18, 2020

Added

Nov 3, 2025

Modified

Nov 3, 2025

Description

Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker Desktop Enterprise before 2.1.0.9, Docker Desktop for Windows Stable before 2.2.0.4, and Docker Desktop for Windows Edge before 2.2.2.0.

Solution

docker-desktop-upgrade-latest

References

CVE-2020-10665
https://attackerkb.com/topics/CVE-2020-10665
URL-https://docs.docker.com/release-notes/
URL-https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-002.md
URL-https://github.com/spaceraccoon/CVE-2020-10665
CWE-59

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today