The affected products and versions present a vulnerability due to a vulnerable integrated software component the docker runc <= 1.1.11. In the worst-case scenario, the integrated Docker container environment could be compromised, potentially enabling the execution of arbitrary code within the Docker environment or neighboring Docker containers if dockerfiles or Docker images from untrusted sources are utilized.
It's crucial to emphasize that while the Docker environment is vulnerable, the host operating system remains
unharmed due to its isolation from the Docker environment within the ads-tec products.
Using Docker images or Dockerfiles from untrusted sources poses a risk. This advice is especially pertinent for Docker use in productive operational technology (OT) environments, and it's our expectation that our customers adhere strictly to this guidance anyway.