The host is installed with Docker Desktop before 4.6.0 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle an issue in the hyperv/destroy dockerBackendV2 API. Successful exploitation could allows attackers to delete any file via a symlink in the DataFolder parameter.