Critical Docker Vulnerability Explained: What You Need to Know
Overview of the Security Flaw
Recent updates from Docker have highlighted a severe security vulnerability affecting the Docker Desktop application for both Windows and macOS users. This flaw, identified as CVE-2025-9074, has a high Common Vulnerability Scoring System (CVSS) rating of 9.3 out of 10 and has been resolved in version 4.44.3 of the software.
Nature of the Vulnerability
The vulnerability allows a malicious container running within Docker Desktop to establish unauthorized access to the Docker Engine. Essentially, it could enable an attacker to launch additional containers without needing to mount the Docker socket, thereby opening up a pathway to the host system’s user files. Docker has indicated that enhanced security features, such as Enhanced Container Isolation (ECI), do not mitigate this specific vulnerability.
Technical Details
According to security researcher Felix Boulet, the issue stems from the ability of a container to communicate with the Docker Engine API at 192.168.65[.]7:2375 without requiring any authentication. This scenario can lead privileged containers to gain full access to their underlying host systems when the host’s C:\ drive is mounted within the container.
Proof-of-Concept Exploit
In a documented proof-of-concept (PoC), exploiting this vulnerability involves a couple of straightforward steps:
- Step 1: Send a POST request with a JSON payload to "/containers/create" that binds the host’s C:\ drive to a specific directory within the container (/mnt/host/c:/host_root).
- Step 2: Send a POST request to "/containers/{id}/start" to launch the container and commence code execution.
Boulet explained this vulnerability as a fundamental oversight, where Docker’s internal HTTP API was unintentionally exposed to any container without proper authentication or access controls.
Impact on Different Operating Systems
Windows
Research by Philippe Dugre from PVOTAL Technologies revealed that on Windows versions of Docker Desktop, an attacker can use this vulnerability to mount the entire file system as an administrator. This access allows them to read sensitive files and overwrite system DLLs, elevating their privileges to those of the administrator.
macOS
In contrast, the macOS version of Docker Desktop provides a greater degree of security. The application includes protective layers that require user permission when mounting user directories. By default, Docker operates without administrative privileges and does not have unrestricted access to the entire file system, making macOS users less vulnerable compared to their Windows counterparts. However, regardless of these protections, attackers could still gain control over Docker applications and containers. They can alter the application’s configuration without needing any user authorization.
Linux Security
Interestingly, this vulnerability does not affect Linux users. The Linux version of Docker utilizes a named pipe in the host’s file system for communication, rather than a TCP socket, which fortifies its security against such vulnerabilities.
Alternative Attack Vectors
While the most straightforward means of exploiting this flaw is through a malicious container, there are alternative methods for attackers to gain access. A server-side request forgery (SSRF) flaw can also be used to proxy requests through a vulnerable application, potentially reaching the Docker socket. The impact depends on which HTTP request methods the SSRF allows; in some niche cases POST, PATCH, and DELETE methods are possible.
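One mitigation for the SSRF vector above is an outbound-request gate that refuses to proxy anything toward the Docker Desktop VM network, the Docker Engine API ports, or any other non-routable address, and only forwards read-only methods. The following is an added example written for this write-up, not Docker's code or the researchers' PoC; the block list and the 203.0.113.10 sample address are constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Ranges an SSRF-prone proxy must never reach. The first entry is the Docker Desktop
# VM network named in the write-up (engine API at 192.168.65.7:2375); it is listed
# before the general RFC 1918 range so the returned reason names it explicitly.
BLOCKED_NETWORKS = [
    ("docker-desktop internal network", ipaddress.ip_network("192.168.65.0/24")),
    ("loopback", ipaddress.ip_network("127.0.0.0/8")),
    ("loopback", ipaddress.ip_network("::1/128")),
    ("link-local / cloud metadata", ipaddress.ip_network("169.254.0.0/16")),
    ("link-local", ipaddress.ip_network("fe80::/10")),
    ("private", ipaddress.ip_network("10.0.0.0/8")),
    ("private", ipaddress.ip_network("172.16.0.0/12")),
    ("private", ipaddress.ip_network("192.168.0.0/16")),
    ("private", ipaddress.ip_network("fc00::/7")),
]
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_METHODS = {"GET", "HEAD"}      # never proxy state-changing verbs (POST/PATCH/DELETE)
DOCKER_API_PORTS = {2375, 2376}       # Docker Engine API, plain and TLS

def resolve_all(host):
    """Return every address a host maps to; IP literals resolve without DNS."""
    addrs = set()
    for info in socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP):
        addr = ipaddress.ip_address(info[4][0].split("%")[0])
        # ::ffff:127.0.0.1 is loopback dressed up as IPv6; judge the embedded IPv4
        if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
            addr = addr.ipv4_mapped
        addrs.add(addr)
    return addrs

def check_outbound_url(url, method="GET"):
    """Decide whether a proxy may fetch url; returns (allowed, reason)."""
    if method.upper() not in ALLOWED_METHODS:
        return False, f"method {method} not allowed"
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.hostname:
        return False, "scheme or host not allowed"
    if parts.port in DOCKER_API_PORTS:
        return False, f"port {parts.port} is a Docker Engine API port"
    try:
        targets = resolve_all(parts.hostname)
    except (socket.gaierror, ValueError):
        return False, "host does not resolve"
    for addr in targets:               # every resolved address must be clean
        for label, net in BLOCKED_NETWORKS:
            if addr in net:
                return False, f"{addr} is in a blocked range ({label})"
    return True, "ok"
```

To defeat DNS rebinding, connect to the address that was checked rather than re-resolving the hostname at fetch time.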
Conclusion
Staying informed about this critical vulnerability is essential for Docker users. While fixes have been released, understanding the nature of such flaws and implementing appropriate security measures is crucial for protecting sensitive data and maintaining system integrity. Regular updates and security practices can significantly mitigate the risks associated with vulnerabilities like CVE-2025-9074.