A newly disclosed vulnerability in Docker Desktop, tracked as CVE-2025-9074 and rated 9.3 on the CVSS scale, has prompted urgent warnings from researchers that the flaw could let attackers break out of the container layer and gain control over the host machine itself. Docker has already rolled out a fix in version 4.44.3 and urges users to apply the update without delay to avoid exposure.
Security researcher Felix Boulet identified that Docker Desktop’s internal networking permitted containers to access the Docker Engine API at 192[.]168.65.7:2375 without authentication. Containers were able to execute privileged API commands, such as /containers/create to mount host drives and /containers/{id}/start to deploy malicious payloads with host-level privileges. This vulnerability allowed even non-privileged containers to perform sensitive operations, including creating new instances, mounting host drives, and modifying files. Docker subsequently acknowledged the issue and confirmed that the Enhanced Container Isolation (ECI) feature did not prevent these attacks.
Proof-of-concept demonstrations revealed that with only two web requests, a container could mount the host’s C: drive and gain immediate access to the file system. Researcher Philippe Dugré demonstrated that on Windows systems, this vulnerability allowed attackers to modify system dynamic-link libraries (DLLs) and escalate privileges to full administrator control. On macOS, the risk was reduced due to system prompts when mounting directories. However, attackers could still alter Docker configuration files and establish persistent access.
Linux systems were unaffected in this instance, as Docker there uses named pipes instead of a TCP socket, but the flaw still highlights how a single design gap can create widespread risk in container platforms. The real concern lies not only in the technical damage it can cause but also in how little effort is needed to exploit it. Researchers noted that, in some scenarios, the vulnerability could even be exploited through Server-Side Request Forgery (SSRF), giving attackers a way in without direct system access.
Although there have been no reports of CVE-2025-9074 being exploited in the wild, its disclosure highlights that container platforms can serve as entry points for significant security breaches if not properly managed. Docker has advised users to install the latest patch and enhance monitoring of container activity. Security analysts warn that failure to address this vulnerability may expose organizations to data theft, supply chain attacks, or complete host compromise in environments where containers are integral to daily operations.
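To act on the advice above (patch, then watch container activity), the following added example, which is not part of the article or of Docker's tooling, checks a Docker Desktop version string against the 4.44.3 fix and scans constructed access-log lines for container-originated calls to the unauthenticated engine endpoint named in the article. The log line format, the 192.168.65.0/24 container subnet and the sample entries are assumptions made for the example.

```python
"""Defender-side checks for CVE-2025-9074 (added example, not from the article).

Assumed log format (not from the article): 'src_ip METHOD host:port path body'
as a host-side proxy or network sensor might export it. The container subnet
192.168.65.0/24 is also an assumption; the article only gives the engine address.
"""
import ipaddress
import json
import re

ENGINE_ENDPOINT = "192.168.65.7:2375"           # unauthenticated API per the article
CONTAINER_NET = ipaddress.ip_network("192.168.65.0/24")  # assumed container subnet
FIXED_VERSION = (4, 44, 3)                       # Docker Desktop release with the fix

# Constructed sample log lines; bind paths are placeholders, not real traffic.
SAMPLE_LOG = """\
192.168.65.3 GET 192.168.65.7:2375 /version -
192.168.65.3 POST 192.168.65.7:2375 /containers/create {"Image":"alpine","HostConfig":{"Binds":["/host_mnt/c:/host"]}}
192.168.65.3 POST 192.168.65.7:2375 /containers/abc123/start -
192.168.65.9 POST 192.168.65.7:2375 /containers/create {"Image":"nginx"}
10.0.0.5 GET 192.168.65.7:2375 /version -
"""
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (.*)$")

def host_mount_requested(body: str) -> bool:
    """True if a /containers/create body binds or mounts paths into the container."""
    if body in ("-", ""):
        return False
    try:
        cfg = json.loads(body)
    except json.JSONDecodeError:
        return False
    hc = cfg.get("HostConfig", {})
    return bool(hc.get("Binds") or hc.get("Mounts"))

def find_suspicious(log: str) -> list[dict]:
    """Flag calls from the container subnet to the engine API; rate create-with-
    mounts and start calls high, other creates medium, everything else low."""
    findings = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        src, method, host, path, body = m.groups()
        if host != ENGINE_ENDPOINT or ipaddress.ip_address(src) not in CONTAINER_NET:
            continue
        if method == "POST" and path == "/containers/create":
            sev = "high" if host_mount_requested(body) else "medium"
        elif method == "POST" and re.fullmatch(r"/containers/[^/]+/start", path):
            sev = "high"
        else:
            sev = "low"
        findings.append({"src": src, "path": path, "severity": sev})
    return findings

def desktop_is_vulnerable(version: str) -> bool:
    """Versions before 4.44.3 are affected; expects 'major.minor.patch'."""
    return tuple(int(p) for p in version.split(".")[:3]) < FIXED_VERSION
```

Feed `find_suspicious` the output of whatever sensor sits between the Docker Desktop VM and the engine socket; a container that never needs the Docker API should produce no findings at all.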