CVE-2025-9074 - Critical Docker Desktop Vulnerability
CVE-2025-9074 - Critical Docker Desktop Vulnerability Exposes Docker Engine API – Immediate Action Required
Description:
A critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS allows local Linux containers to access the Docker Engine API. This flaw, with a CVSS score of 9.3, could allow attackers to control containers and escalate privileges. Docker has issued an urgent update to address this security risk.
Summary
A severe vulnerability (CVE-2025-9074) was discovered in Docker Desktop, exposing the Docker Engine API to local containers. This flaw impacts both Windows and macOS versions, enabling unauthorized access and the execution of privileged commands. Docker has released a fix in version 4.44.3, and users are strongly advised to update immediately.
Highlights
- 🚨 Critical API Exposure: A Docker Desktop vulnerability allows containers to access the Docker Engine API without authentication, with a CVSS score of 9.3.
- 🛑 Privileged Command Execution: The flaw enables containers to execute privileged commands, such as controlling other containers and managing images.
- 💻 Platform-Specific Risks: On Windows, attackers can read sensitive files and escalate privileges; on macOS, attackers can gain full control of Docker and its configuration.
- 🌐 Multiple Attack Vectors: Malicious containers or SSRF attacks could exploit this vulnerability to compromise systems.
- 🛠️ Immediate Update Available: Docker has addressed the issue in version 4.44.3. Users must update to mitigate the risk.
- 🚫 No Impact on Linux: Linux installations are not affected because Docker uses a different socket implementation there.
- 🔒 Simple Mitigation: Once updated, Docker Desktop users need no additional workarounds to secure their systems.
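A patch-status check in that spirit, added here as example code that is not Docker's or the advisory's own: it reads the Docker Desktop version from `docker version` output and compares it against the fixed release 4.44.3, treating a host with no Docker Desktop line (e.g. a plain Linux Engine) as out of scope. The "Server: Docker Desktop x.y.z (build)" line layout is an assumption about the CLI output, and the sample outputs are constructed.

```python
import re
import subprocess

# Docker Desktop release that fixes CVE-2025-9074 (from the advisory).
FIXED_VERSION = (4, 44, 3)

# Assumed layout of the platform line Docker Desktop prints under "Server:",
# e.g. "Server: Docker Desktop 4.44.3 (203496)". Only the x.y.z part is used.
DESKTOP_RE = re.compile(r"Docker Desktop\s+(\d+)\.(\d+)\.(\d+)")


def parse_desktop_version(output: str):
    """Return the Docker Desktop version as an (major, minor, patch) tuple,
    or None when the output carries no Docker Desktop platform line."""
    match = DESKTOP_RE.search(output)
    if match is None:
        return None
    return tuple(int(part) for part in match.groups())


def is_affected(version) -> bool:
    """True when the installed release predates the 4.44.3 fix.
    Tuple comparison is numeric, so 4.9.9 < 4.44.3 is handled correctly."""
    return tuple(version) < FIXED_VERSION


def assess(output: str) -> str:
    """Classify one host's `docker version` output."""
    version = parse_desktop_version(output)
    if version is None:
        return "not-docker-desktop"  # e.g. Linux Engine: not in scope of this CVE
    return "vulnerable" if is_affected(version) else "patched"


# Constructed sample outputs (abbreviated); build numbers are placeholders.
SAMPLE_VULNERABLE = "Client:\n Version: 28.3.2\nServer: Docker Desktop 4.43.2 (000001)\n Engine:\n  Version: 28.3.2\n"
SAMPLE_PATCHED = "Client:\n Version: 28.3.3\nServer: Docker Desktop 4.44.3 (000002)\n Engine:\n  Version: 28.3.3\n"
SAMPLE_LINUX = "Client:\n Version: 28.3.2\nServer: Docker Engine - Community\n Engine:\n  Version: 28.3.2\n"


def check_local_host() -> str:
    """Run the real CLI on this machine and classify the result."""
    proc = subprocess.run(["docker", "version"], capture_output=True, text=True)
    return assess(proc.stdout)


if __name__ == "__main__":
    print(check_local_host())
```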