Researchers hacked the Docker test platform called Play-with-Docker, allowing them to access data and manipulate any test Docker containers running on the host system. The proof-of-concept hack does not impact production Docker instances, according to CyberArk researchers that developed the proof-of-concept attack.
“The team was able to escape the container and run code remotely right on the host, which has obvious security implications,” wrote researchers in a technical write-up posted Monday.