Critical Docker Desktop Vulnerability Allows Host Takeover

A serious security flaw in Docker Desktop has been discovered that allows attackers to gain control over containers, access the host file system, and escalate privileges to administrator level.

About the Vulnerability

Identified as CVE-2025-9074 with a CVSS score of 9.3, the vulnerability is classified as a container escape issue, affecting both Windows and macOS versions of Docker Desktop.

According to Docker’s advisory, a malicious container could interact with the Docker Engine to launch additional containers without requiring the Docker socket to be mounted, potentially granting unauthorized access to files on the host system.

This flaw can be exploited regardless of whether Enhanced Container Isolation (ECI) is enabled. Docker patched the vulnerability in version 4.44.3.

How the Attack Works

Security researcher Felix Boulet explains that in the affected versions, any container can access Docker’s internal HTTP API without authentication. This allows an attacker to:

  1. Connect to the API via the internal IP address
  2. Create and start a privileged container
  3. Mount the host’s file system, gaining full access

White-hat hacker Philippe Dugre warns that exposing the Docker Engine socket to untrusted users or code is extremely dangerous, as it grants full control over all Docker capabilities.

On Windows, attackers could exploit this vulnerability to mount the host file system and overwrite critical system DLLs, effectively obtaining administrative privileges. On macOS, the flaw allows attackers to control other containers or manipulate Docker Desktop configurations. However, macOS includes an additional layer of isolation, prompting users for permission when mounting directories, and Docker Desktop does not run with administrative rights by default.

Exploitability and Mitigation

CVE-2025-9074 is considered easy to exploit, provided the attacker has access to a Docker Engine running on Windows or macOS. Exploitation can occur via:

  • A malicious container
  • A server-side request forgery (SSRF) attack that proxies requests through a vulnerable application

Organizations using Docker Desktop on Windows or macOS should update immediately to version 4.44.3 or later and restrict access to the Docker Engine socket so that untrusted users and code cannot reach it.
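As an added illustration of the two mitigation steps above (not code from the article, from Docker, or from the researchers quoted), the following Python audit checks a Docker Desktop version string against the patched release 4.44.3 and flags running containers whose `docker inspect` record shows the privileged flag or a bind mount of a host root or the Engine socket, which is the shape a successful escape would leave behind. The sample records are constructed inline in the shape of `docker inspect` output, and the list of sensitive mount sources is an assumption for this example, not a list taken from Docker's advisory.

```python
import re

# Docker Desktop release that fixes CVE-2025-9074 (from Docker's advisory).
PATCHED_VERSION = (4, 44, 3)

# Bind-mount sources that hand a container the host file system or the
# Engine socket. These paths are an assumption for this example, not a
# list taken from Docker's advisory.
SENSITIVE_SOURCES = {"/", "/var/run/docker.sock"}


def parse_version(text):
    """Return the first x.y.z version found in `text` as a tuple of ints."""
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if match is None:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in match.groups())


def is_patched(desktop_version):
    """True when the Docker Desktop version string is 4.44.3 or later."""
    return parse_version(desktop_version) >= PATCHED_VERSION


def exposes_host(source):
    """True for a bind-mount source that is a host root or the Engine socket."""
    if source in SENSITIVE_SOURCES:
        return True
    # Windows drive root such as "C:" or "C:\" (assumed form of the source path).
    return re.fullmatch(r"[A-Za-z]:[\\/]?", source) is not None


def audit_container(record):
    """Return a list of findings for one `docker inspect` record (a dict)."""
    findings = []
    if record.get("HostConfig", {}).get("Privileged"):
        findings.append("privileged container")
    for mount in record.get("Mounts", []):
        if mount.get("Type") == "bind" and exposes_host(mount.get("Source", "")):
            findings.append(f"host path bind-mounted: {mount['Source']}")
    return findings


def audit_all(records):
    """Map container name -> findings, keeping only containers that have findings."""
    report = {}
    for record in records:
        findings = audit_container(record)
        if findings:
            report[record.get("Name", "?")] = findings
    return report


# Constructed sample records in the shape of `docker inspect` output.
SAMPLE_RECORDS = [
    {
        "Name": "/web",
        "HostConfig": {"Privileged": False},
        "Mounts": [{"Type": "volume", "Source": "webdata", "Destination": "/data"}],
    },
    {
        "Name": "/suspicious",
        "HostConfig": {"Privileged": True},
        "Mounts": [{"Type": "bind", "Source": "/", "Destination": "/host"}],
    },
]

if __name__ == "__main__":
    for version in ("Docker Desktop 4.44.2", "4.44.3"):
        print(version, "->", "patched" if is_patched(version) else "VULNERABLE")
    for name, findings in audit_all(SAMPLE_RECORDS).items():
        print(name, findings)
```

In practice the records would come from `docker inspect $(docker ps -q)` parsed as JSON, and the version string from the Docker Desktop "About" dialog; a container that is both privileged and bind-mounts the host root is worth investigating even on a patched host, since it is exactly the configuration the escape described above creates.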

Source: https://www.securityweek.com/docker-desktop-vulnerability-leads-to-host-compromise