- Researchers find 9.3/10 flaw in Docker Desktop for Windows and macOS
- The bug allows threat actors to compromise underlying hosts and tamper with data
- A fix was quickly released, so users should patch now
Docker has patched a critical severity vulnerability in its Desktop app for Windows and macOS which could have allowed threat actors to fully take over vulnerable hosts, exfiltrate sensitive data, and more.
The vulnerability is described as a server-side request forgery (SSRF) and, according to the NVD, it “allows local running Linux containers to access the Docker Engine API via the configured Docker subnet.”
“A malicious container running on Docker Desktop could access the Docker Engine and launch additional containers without requiring the Docker socket to be mounted,” Docker said in a follow-up security advisory. “This could allow unauthorized access to user files on the host system. Enhanced Container Isolation (ECI) does not mitigate this vulnerability.”
Not all systems are affected in the same way
The bug was discovered and reported by security researcher Felix Boulet. It is now tracked as CVE-2025-9074 and was given a severity rating of 9.3/10 (critical).
However, a separate researcher, Philippe Dugre, stressed that the risk is not the same on all platforms, noting it’s actually somewhat greater on Windows, compared to macOS.
This is due to the safeguards baked into the macOS operating system. Dugre managed to create a file in the user’s home directory on Windows, but not on macOS:
“On Windows, since the Docker Engine runs via WSL2, the attacker can mount as an administrator the entire filesystem, read any sensitive file, and ultimately overwrite a system DLL to escalate the attacker to administrator of the host system,” Dugre explained.
“On MacOS, however, the Docker Desktop application still has a layer of isolation and trying to mount a user directory prompts the user for permission. By default, the docker application does not have access to the rest of the filesystem and does not run with administrative privileges, so the host is a lot safer than in the Windows case,” he added.
Docker fixed it in Desktop version 4.44.3, so users are advised to upgrade as soon as possible.
Via BleepingComputer