CVE-2020-10665: 
Docker Desktop vulnerability analysis and mitigation

Docker Desktop contains a local privilege escalation vulnerability (CVE-2020-10665) that allows elevation to NT AUTHORITY\SYSTEM privileges. The vulnerability stems from mishandling the collection of diagnostics with Administrator privileges, which can lead to arbitrary DACL permissions overwrites and arbitrary file writes. The affected versions include Docker Desktop Enterprise before 2.1.0.9, Docker Desktop for Windows Stable before 2.2.0.4, and Docker Desktop for Windows Edge before 2.2.2.0. The vulnerability was discovered in early 2020 and publicly disclosed on March 18, 2020 (Docker Release Notes, Active Labs).

The vulnerability has been assigned a CVSS v3.1 base score of 6.7 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-59 (Improper Link Resolution Before File Access). The issue specifically relates to how Docker Desktop handles diagnostics collection with Administrator privileges, which can be exploited to perform arbitrary DACL permissions overwrites and file writes (NVD).

When successfully exploited, this vulnerability allows an attacker to escalate privileges to NT AUTHORITY\SYSTEM level on the affected system. This gives the attacker the highest level of access on a Windows system, potentially allowing complete system compromise (Active Labs).

The vulnerability has been patched by Docker Inc. in multiple releases: Docker Desktop Enterprise 2.1.0.9, Docker Desktop for Windows Stable 2.2.0.4, and Docker Desktop for Windows Edge 2.2.2.0. Users are advised to upgrade to these versions or later to mitigate the vulnerability (Docker Release Notes).