A critical security vulnerability has been identified in Docker Desktop for Windows and macOS, tracked as CVE-2025-9074 with a CVSS score of 9.3. The flaw allows a malicious container to reach the Docker Engine API without authentication, which in turn exposes files on the host system to unauthorized access. The vulnerability is fixed in Docker Desktop version 4.44.3. Notably, Enhanced Container Isolation (ECI) does not mitigate this issue, so hardened deployments are exposed as well.
The vulnerability stems from an oversight in which Docker Desktop's internal HTTP API (the Docker Engine API) is reachable over TCP from any container, with no authentication or access control. A single HTTP request from inside a container is enough to trigger a full compromise of the host. On Windows, the Docker Desktop backend runs with administrative privileges, so an attacker can use the API to mount the entire host file system with those privileges, read sensitive files, and escalate by overwriting system DLLs. On macOS, an additional layer of isolation requires user approval before host directories can be mounted, but an attacker can still take control of the Docker application and modify its configuration without user approval.
This vulnerability does not affect Docker Desktop for Linux, which exposes the Docker Engine API over a local Unix socket rather than a TCP socket, so the API is never reachable from a container's network. The primary attack vector is a malicious container controlled by the threat actor, but a server-side request forgery (SSRF) flaw in an application running inside a container could also be used to reach the same endpoint.
CVE-2025-9074 allows containers to access the Docker Engine API without authentication, posing a significant risk of unauthorized access to host systems. The flaw can lead to full system compromise, particularly on Windows, where attackers gain administrative privileges and can manipulate system files. On macOS the risk is reduced by the additional isolation layer, but attackers can still backdoor the Docker application itself.
The vulnerability is primarily exploitable through malicious containers controlled by threat actors. SSRF flaws present an alternative vector: an attacker who can make a containerized application issue requests on their behalf can proxy those requests to the Docker API endpoint. The impact then depends on which HTTP methods the SSRF allows. A GET-only SSRF lets the attacker enumerate containers, images and configuration, while the ability to send POST requests is what is needed to create containers or mount host paths.
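As an added example, not taken from this advisory or from Docker's own tooling, the following Python probe shows the check a defender would run from inside a container to confirm whether the condition described above and in the technical analysis exists: an Engine API answering plain HTTP with no authentication. It uses only the read-only /_ping and /version endpoints and creates nothing. The host and port are parameters; the address Docker Desktop uses on its internal network is not given on this page, so the caller must supply it. The in-process stand-in server and its version string are constructed so the block runs offline; the exposed and the patched outcome are both demonstrated.

```python
"""Probe for an unauthenticated Docker Engine API over TCP (the condition CVE-2025-9074 abuses).

Added example, not from the advisory or from Docker. The target address is an assumption the
caller supplies; the stand-in server below is constructed so the probe can be exercised offline.
"""
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# Assumption: the conventional port for Docker's unauthenticated TCP API.
DEFAULT_PORT = 2375
# Docker Desktop release that addresses CVE-2025-9074 (from the advisory).
FIXED_VERSION = (4, 44, 3)


def probe_engine_api(host, port=DEFAULT_PORT, timeout=2.0):
    """Describe whether an Engine API answers at host:port without authentication.

    Only read-only endpoints are used (/_ping, /version); no container is created or started.
    Returns {"reachable": bool, "unauthenticated": bool, "version": str | None}.
    """
    base = f"http://{host}:{port}"
    result = {"reachable": False, "unauthenticated": False, "version": None}
    try:
        with urlopen(Request(base + "/_ping"), timeout=timeout) as resp:
            result["reachable"] = True
            # A real Engine API answers the ping with a bare "OK" body.
            if resp.status == 200 and resp.read().strip() == b"OK":
                result["unauthenticated"] = True
    except HTTPError:
        result["reachable"] = True  # something answered (e.g. 401/403) but not an open API
        return result
    except (URLError, OSError):
        return result  # connection refused, filtered or timed out: not exposed here
    if result["unauthenticated"]:
        try:
            with urlopen(Request(base + "/version"), timeout=timeout) as resp:
                result["version"] = json.loads(resp.read()).get("Version")
        except (URLError, OSError, ValueError):
            pass  # exposure is already established; the version is just extra context
    return result


def desktop_is_patched(version_str):
    """True if a Docker Desktop version string such as '4.44.3' is at or above the fixed release."""
    parts = tuple(int(p) for p in version_str.strip().split(".")[:3])
    parts = parts + (0,) * (3 - len(parts))
    return parts >= FIXED_VERSION


class _FakeEngineAPI(BaseHTTPRequestHandler):
    """Constructed stand-in for an unauthenticated Engine API; answers only the two endpoints
    the probe uses. The version string is made up for the demonstration."""

    def do_GET(self):
        if self.path == "/_ping":
            body, status, ctype = b"OK", 200, "text/plain"
        elif self.path == "/version":
            body = json.dumps({"Version": "28.0.0", "ApiVersion": "1.48"}).encode()
            status, ctype = 200, "application/json"
        else:
            body, status, ctype = b"page not found", 404, "text/plain"
        self.send_response(status)
        self.send_header("Content-Type", ctype)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demonstration quiet
        pass


def start_fake_engine_api():
    """Start the stand-in on an ephemeral loopback port; returns (server, port)."""
    server = HTTPServer(("127.0.0.1", 0), _FakeEngineAPI)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


if __name__ == "__main__":
    server, port = start_fake_engine_api()
    print("API exposed (stand-in):", probe_engine_api("127.0.0.1", port))
    server.shutdown()
    server.server_close()
    print("nothing listening:     ", probe_engine_api("127.0.0.1", port))
    for v in ("4.44.2", "4.44.3", "4.45.0"):
        print(f"Docker Desktop {v} patched? {desktop_is_patched(v)}")
```

Run from a shell inside a container against the engine's internal address to see which outcome the local install produces; a patched Docker Desktop should yield the "nothing listening" result, and a reachable, unauthenticated API is the signal to stop running untrusted images until the upgrade is done.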
Clients running Docker Desktop on Windows face a high risk of operational disruption: unauthorized access and privilege escalation on developer and build machines can lead to data breaches, financial loss and significant reputational damage. On macOS the risk is lower, but unauthorized control over the Docker application remains a threat.
From a compliance perspective, organizations may face regulatory consequences if sensitive data is accessed or compromised through this vulnerability, including audits or penalties for failing to protect user data adequately.
To mitigate the risks associated with this vulnerability, clients should take the following actions, each of which follows directly from the analysis above:
1. Update Docker Desktop on Windows and macOS to version 4.44.3 or later, the release that fixes CVE-2025-9074.
2. Until the update is applied, do not run untrusted container images on affected hosts, and do not rely on Enhanced Container Isolation as a mitigation, since it does not prevent this attack.
3. Review containerized web applications for SSRF flaws, which provide an alternative route to the Docker Engine API.
By implementing these measures, clients can significantly reduce their exposure to this critical vulnerability and enhance their overall security posture.
1898 & Co. is actively addressing the current threat landscape by offering specialized services to help clients secure their container environments. We provide thorough assessments of container configurations and implement robust access controls to prevent unauthorized access.
Our team is updating existing security protocols to incorporate the latest threat intelligence and best practices for container security, and we collaborate with industry partners and government agencies to share insights and develop comprehensive responses to emerging threats.
Ongoing research and threat intelligence gathering are central to our approach and keep us at the forefront of cybersecurity developments. Our case studies document successful mitigation of similar vulnerabilities, giving clients confidence in our ability to protect their systems.