Docker Desktop Vulnerability Allows Unauthorized Access to Docker Engine API
CVE-2025-9074

9.3 CRITICAL

Key Information:

Vendor: Docker

CVE Published: 20 August 2025

What is CVE-2025-9074?

CVE-2025-9074 is a vulnerability in Docker Desktop, a popular application for developing, shipping, and running applications within containers. Docker Desktop provides an easy way to manage Docker containers on desktops, streamlining development workflows. The vulnerability allows locally running Linux containers to gain unauthorized access to the Docker Engine API through the preconfigured Docker subnet. It applies whether or not Enhanced Container Isolation (ECI) is enabled, and whether or not the option to expose the daemon on a TCP socket without TLS is enabled.

The implications of this vulnerability are significant. An attacker exploiting this flaw could execute a wide range of privileged commands via the Docker Engine API, including managing existing containers, creating new containers, and altering images. Under certain circumstances, such as when running Docker Desktop for Windows with a Windows Subsystem for Linux (WSL) backend, the attacker might also be able to mount the host drive with the same permissions as the user running Docker Desktop. This level of access poses considerable risks to system integrity and confidentiality within an organization.

Potential impact of CVE-2025-9074

  1. Unauthorized Access and Control: The vulnerability may enable malicious actors to gain control over the Docker Engine API, allowing them to manipulate existing containers, potentially executing arbitrary commands or disrupting services.

  2. Data Exposure: With the capability to mount the host drive with user privileges, attackers could gain access to sensitive data stored on the host system, leading to potential data breaches and loss of confidentiality.

  3. Operational Disruption: By exploiting this vulnerability, attackers could disrupt the operations of applications that rely on Docker containers, leading to downtime or degraded performance, which in turn affects business operations and customer satisfaction.

Affected Version(s)

Docker Desktop Windows 4.25 < 4.44.3

CVSS V4

Score: 9.3
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability started trending

  • Vulnerability published

  • Vulnerability Reserved

Credit

Felix Boulet
zer0x64 (Philippe Dugre)