Are you a Docker customer? If so, you should upgrade to the latest version of Docker immediately. Security researchers have detailed a proof-of-concept (PoC) attack exploiting a critical vulnerability, which could lead to full container escape.
The CVE-2019-14271 flaw was fixed in Docker version 19.03.1, but if left unpatched it could give an attacker full root code execution on the host.
“The vulnerability can be exploited, provided that a container has been compromised by a previous attack (e.g. through any other vulnerability, leaked secrets, etc.), or when a user runs a malicious container image from an untrusted source (registry or other),” explained Palo Alto Networks senior security researcher, Yuval Avrahami.
“If the user then executes the vulnerable cp command to copy files out of the compromised container, the attacker can escape and take full root control of the host and all other containers in it.”