Execute arbitrary code on the Docker Server exploiting these 3 vulnerabilities

In this day and age of containerization, Docker Desktop stands strong as a guiding light for developers in the direction of simplicity. Docker Desktop has been welcomed by developers all over the globe for the purpose of constructing, operating, and distributing containerized applications due to its intuitive graphical user interface and one-click installation method. On the other hand, there is a proverb that states, “With great power comes great responsibility.” However, it was only recently revealed that it has three major security flaws that need to be fixed. Because to these vulnerabilities, an attacker may be able to execute arbitrary code on the computer of a victim, get access to higher-level privileges, or circumvent security constraints.

CVE-2023-0625: Docker Desktop Remote Code Execution

The severity of this issue is high (9.8 on the CVSS scale). Docker Desktop versions prior to 4.12.0 are included in this category.

By including a specially written extension description or changelog, a malicious actor might attack Docker Desktop. Remote Code Execution (RCE) is enabled as a result of the CVE-2023-0625 vulnerability, which gives third parties that are not allowed possible complete access over the system of the victim.

CVE-2023-0626: Docker Desktop Remote Code Execution

The severity of this issue is high (9.8 on the CVSS scale).Docker Desktop versions prior to 4.12.0 are included in this category.

The manipulation of query parameters in the message-box route is yet another entry point that may be used by attackers. The vulnerability known as CVE-2023-0626 enables remote code execution, which may transform an innocuous-looking message box into a digital trojan horse.

    CVE-2023-0627: Docker Desktop Local Privilege Escalation

    CVSS score of 7.8 indicates a high severity. Docker Desktop versions 4.11.x and earlier are affected.

    To sum up: The ‘–no-windows-containers’ switch may be circumvented by an attacker if they fake the responses received from the IPC. The vulnerability identified as CVE-2023-0627 might result in Local Privilege Escalation (LPE), which would allow an attacker to further extend their foothold inside the system.
    Docker has not yet been aware of any active efforts to exploit these vulnerabilities, although this may change in the near future. Nevertheless, the world of digital technology is always undergoing change. The door is left slightly ajar for possible cyber attackers as a result of serious defects that are present in popular software platforms like Docker Desktop.

    Because of the severity of these vulnerabilities, particularly the two that have a CVSS score of 9.8, hackers may be encouraged to exploit them, which would pave the way for widespread security breaches. The exploitation of such vulnerabilities may result in the creation of hostile botnets, the release of ransomware, or unauthorized access to sensitive data.

    Urgent action is absolutely necessary for individuals and companies who have Docker Desktop incorporated into their workflow. The most important step is to make sure that you are using Docker Desktop 4.12.0 or the most recent version. The risks caused by these vulnerabilities may be considerably reduced by installing this rather simple update.

    In addition to bringing your installation of Docker Desktop up to the most recent version, there are a number of additional steps you may take to protect yourself against the vulnerabilities described here.

    Employ the use of a safe container registry. Keep your container images safe by storing them in a container registry like Docker Hub or Amazon Elastic Container Registry (ECR), for example.
    Perform a vulnerability scan on all of your photos. Snyk and Clair are two examples of useful tools that may be used to do vulnerability testing on container images before they are put into production.
    Make use of the least privilege. Only provide the rights to your containers that are necessary for them to operate. When possible, avoid starting containers with the root user’s rights.
    Be sure to keep an eye on your containers. Utilizing a platform such as Docker Swarm or Kubernetes, keep an eye on your containers to make sure nothing fishy is going on.