Back to KEVs

CVE-2019-15752

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file...

Basic Information

CVE State
PUBLISHED
Reserved Date
August 28, 2019
Published Date
August 28, 2019
Last Updated
February 04, 2025
Vendor
Docker
Product
Docker Desktop Community Edition
Description
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.
Tags
cisa metasploit_scanner

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2.0

9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2021-11-03 00:00:00 UTC) Source

References

https://medium.com/%40morgan.henry.roman/elevation-of-privilege-in-docker-for-windows-2fd8450b478e http://packetstormsecurity.com/files/157404/Docker-Credential-Wincred.exe-Privilege-Escalation.html https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC

Scanner Integrations

Scanner URL Date Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/docker_credential_wincred.rb 2025-04-29 11:01:41 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

docker_credential_wincred

Type: metasploit • Created: Unknown

Metasploit module for CVE-2019-15752

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Metasploit