CVE-2026-44848

Docker · Portainer Community Edition

A critical flaw in Portainer's RBAC layer allows non-admin users with Docker endpoint access to execute privileged operations directly against the Docker daemon.

Executive summary

A critical vulnerability in Portainer Community Edition permits non-admin users to escalate privileges to host root code execution via direct interaction with the Docker daemon.

Vulnerability

This vulnerability resides in the Role-Based Access Control (RBAC) layer. It allows a non-admin user who has access to a Docker endpoint to bypass security checks and call privileged plugin operations directly against the underlying Docker daemon.

Business impact

Assigned a CVSS score of 8.8, this vulnerability is extremely dangerous as it enables host-level root code execution. A successful exploit could lead to complete system compromise, unauthorized access to all containerized data, and lateral movement within the environment, resulting in catastrophic business impact.

Remediation

Immediate Action: Update Portainer Community Edition to version 2.33.8, 2.39.2, or 2.41.0.

Proactive Monitoring: Monitor Docker daemon logs and Portainer audit logs for unexpected API calls or plugin management activity, particularly from non-admin users.

Compensating Controls: Apply the principle of least privilege by restricting which users can access Docker endpoints, and deploy host-based intrusion detection systems on the Docker hosts.

Exploitation status

Public Exploit Available: true

Analyst recommendation

Given the availability of public exploits and the severity of root-level code execution, this patch should be treated as an emergency. Administrators must apply the recommended updates immediately to prevent attackers from gaining full control over the container infrastructure and the underlying host.