HIGH 8.8

CVE-2026-44848: Portainer Plugin Management RBAC Bypass – Privilege Escalation in Community Edition

Portainer Community Edition versions 2.33.0 through 2.33.7, 2.39.x (before 2.39.2), and 2.40.x (before 2.41.0) fail to properly restrict access to Docker plugin management endpoints. This means any standard user granted access to a Docker endpoint through Portainer can perform privileged operations like installing and enabling plugins directly on the underlying Docker daemon—something normally restricted to administrators. The flaw stems from missing access control handlers on the /plugins/* endpoints, allowing RBAC bypass for a critical management function.

Source data · NVD / CISA · public domain

CVSS
3.1 · 8.8 HIGH · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses (CWE)
CWE-862
Affected products
2 configuration(s)
Published / Modified
2026-05-28 / 2026-06-17

NVD description (verbatim)

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints (/plugins/*) were not registered with a handler, so standard users with endpoint access could call privileged plugin operations — including installing and enabling plugins — directly against the underlying Docker daemon. The vulnerability is exposed when a non-admin Portainer user (Standard User role, or any role granted endpoint-level access) has been given access to a Docker endpoint via Portainer RBAC. This vulnerability is fixed in 2.33.8, 2.39.2, and 2.41.0.

2 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

The vulnerability exists in Portainer's endpoint access control layer. Plugin management endpoints (/plugins/*) lack proper authorization handlers, allowing them to pass requests directly to the Docker daemon without enforcing Portainer's role-based access control (RBAC). An authenticated user with Standard User role or any role with endpoint-level access can invoke privileged plugin operations on Docker endpoints they have been granted access to via Portainer. The issue affects version ranges 2.33.0–2.33.7, 2.39.0–2.39.1, and 2.40.x prior to 2.41.0. Remediation is available in versions 2.33.8, 2.39.2, and 2.41.0, which restore authorization checks on these endpoints.

Business impact

Plugin management is a privileged Docker operation that grants execution and persistence capabilities. An attacker with a compromised standard user account can install malicious plugins, escalate container capabilities, or maintain backdoor access to containerized workloads without administrator intervention. For organizations using Portainer to delegate container management to teams, this represents a significant privilege escalation risk. The impact extends to supply-chain risk if plugins are used in CI/CD or development environments, and to compliance violations if RBAC controls are expected to enforce role separation in audited deployments.

Affected systems

Portainer Community Edition versions 2.33.0–2.33.7, 2.39.0–2.39.1, and 2.40.x prior to 2.41.0 are affected. The vulnerability only manifests when a non-admin user has been explicitly granted endpoint-level access to a Docker endpoint via Portainer's RBAC configuration. Installations where all Docker endpoints are restricted to administrator-only access are not exposed to this vector, though endpoint sharing is a common delegation pattern in multi-team environments.

Exploitability

Exploitability is high. The attack requires valid Portainer credentials and RBAC-granted access to a Docker endpoint—a configuration that many organizations adopt to distribute container management tasks. No complex exploitation techniques are needed; standard plugin installation API calls are sufficient. The network-accessible nature of Portainer (typically deployed as a management dashboard) and the low barrier to entry (any authenticated standard user) make this a practical threat. However, the vulnerability is not yet tracked in CISA KEV, suggesting limited evidence of active exploitation in the wild at publication.

Remediation

Update Portainer Community Edition to version 2.33.8, 2.39.2, or 2.41.0 or later, depending on the deployed version series. These releases restore proper authorization handlers to the /plugins/* endpoints. Immediate workarounds are limited; however, organizations can temporarily restrict endpoint access via Portainer RBAC to administrator roles only until patching is feasible. Network-level controls (firewall rules limiting Portainer access to trusted administrative subnets) provide defense-in-depth but do not substitute for a code-level fix.

Patch guidance

Identify which Portainer version series is running in your environment (2.33.x, 2.39.x, or 2.40.x). For version 2.33.x, upgrade to 2.33.8 or later. For version 2.39.x, upgrade to 2.39.2 or later. For version 2.40.x, upgrade to 2.41.0 or later. Test the upgrade in a non-production environment first to verify compatibility with your Docker/Kubernetes orchestration setup and any custom RBAC policies. Portainer typically supports in-place upgrades; consult the official upgrade documentation for your deployment model (standalone, Docker Compose, or Kubernetes).

Detection guidance

Monitor Portainer audit logs for plugin-related API calls originating from non-admin users, particularly GET, POST, or PUT requests to /plugins/* endpoints. In Portainer's activity log, flag any plugin installation, enablement, or configuration changes by users with Standard User role or limited endpoint access. If available, enable verbose logging on the underlying Docker daemon to detect plugin operations initiated by service accounts associated with Portainer. Correlate Portainer audit events with container runtime logs to identify suspicious plugin deployments.

Why prioritize this

This vulnerability merits high priority because it enables privilege escalation within a trusted management interface. Standard users or delegated teams can gain capabilities normally reserved for administrators, potentially leading to container escape, lateral movement, or persistent backdoor installation. The combination of authenticated access, practical exploitability, and high business impact (plugin installation is a powerful operation) justifies immediate patching, particularly in multi-tenant or compliance-heavy environments where RBAC segregation is a control objective.

Risk score, explained

The CVSS 3.1 score of 8.8 (HIGH) reflects a network-accessible vulnerability requiring low privileges (authenticated user with endpoint access) and no user interaction, with high confidentiality, integrity, and availability impact. The score accurately captures the severity: a low-privileged attacker can move laterally or establish persistence within the container infrastructure. The attack vector is local to the Portainer network perimeter, not the public internet, which somewhat constrains blast radius but does not reduce the impact to an already-networked attacker.

Frequently asked questions

Does this affect Portainer Business Edition or only Community Edition?

The advisory specifies Community Edition. Verify whether Business Edition includes distinct authorization logic for plugin endpoints by consulting the Portainer security advisory or contacting Portainer support.

If a user has admin privileges in Portainer, are they already able to manage plugins?

Yes, administrators should have full access to plugin management as a normal function. This vulnerability affects non-admin users who should not have this capability but can bypass RBAC controls to invoke it.

Can we safely disable Docker plugin functionality to prevent exploitation while we patch?

Disabling plugins at the Docker daemon level would prevent the vulnerability, but this requires daemon configuration changes and may disrupt legitimate use cases. Restricting Portainer endpoint access via RBAC to admins only is a simpler interim control.

Is there a way to detect if this vulnerability has been exploited on our instance?

Review Portainer audit logs and Docker daemon logs for plugin-related operations by non-admin users. An absence of plugin calls from standard users is expected; any presence should trigger investigation and forensic review of container modifications during the affected window.

This analysis is based on the CVE description and CVSS vector as published. Patch availability and version numbers should be verified against the official Portainer security advisory before deployment. The vulnerability requires valid Portainer credentials and RBAC-configured endpoint access; air-gapped or single-admin Portainer instances may have lower exposure. This explainer does not constitute security advice; consult your organization's security and infrastructure teams when planning remediation. No working exploit code is provided; this summary is for defensive awareness only. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).