Particle.news

Docker Patches Critical Desktop Flaw Allowing Container Escape on Windows and macOS

Unauthenticated access to an internal Docker Engine API from within containers exposed host data, with risk highest on Windows.

Overview

  • The vulnerability is tracked as CVE-2025-9074 with a CVSS score of 9.3 and is fixed in Docker Desktop 4.44.3 released last week.
  • Researcher Felix Boulet found the Docker Engine API reachable from containers at 192.168.65.7:2375 without authentication.
  • A simple proof-of-concept uses two HTTP POST requests to create and start a container that binds the Windows C: drive, enabling host file access.
  • PVOTAL’s Philippe Dugre reports severe impact on Windows via WSL2, including potential DLL overwrite for admin escalation, reduced impact on macOS due to permission prompts, and no effect on Linux.
  • Docker notes Enhanced Container Isolation does not mitigate the issue, and attackers could also exploit SSRF paths that forward POST requests to the exposed API.
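To check the fix from a defender's side, the following added script (not from the article, from Docker, or from the researchers) compares an installed Docker Desktop version against 4.44.3 and, when run inside a container, reports whether the internal Engine API at 192.168.65.7:2375 still answers an unauthenticated GET /_ping. The address and fixed version come from the report above, /_ping is the Engine API's public health endpoint, and the function names are my own.

```python
"""Post-patch verification for CVE-2025-9074 (added example, not the article's code).

Run from inside a container on Docker Desktop to confirm that the internal
Engine API address named in the report no longer answers unauthenticated
requests, and compare the installed Docker Desktop version with 4.44.3.
"""
import socket
from urllib.request import urlopen
from urllib.error import URLError

ENGINE_API = ("192.168.65.7", 2375)   # internal API address cited in the report
FIXED_VERSION = "4.44.3"               # first Docker Desktop release with the fix


def parse_version(ver: str) -> tuple:
    """Turn '4.44.3' into (4, 44, 3); non-numeric parts count as 0."""
    parts = []
    for p in ver.strip().split("."):
        digits = "".join(ch for ch in p if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_patched_version(ver: str) -> bool:
    """True if the Docker Desktop version string is 4.44.3 or newer."""
    return parse_version(ver) >= parse_version(FIXED_VERSION)


def engine_api_exposed(host=ENGINE_API[0], port=ENGINE_API[1], timeout=2.0) -> str:
    """Return 'exposed', 'closed' or 'unreachable' for the unauthenticated Engine API.

    'exposed' means GET /_ping returned HTTP 200 with no credentials, i.e. a
    container can still drive the daemon and the host is not protected.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            pass
    except OSError:
        return "unreachable"          # patched: nothing listens for the container
    try:
        with urlopen(f"http://{host}:{port}/_ping", timeout=timeout) as resp:
            return "exposed" if resp.status == 200 else "closed"
    except URLError:
        return "closed"               # port open but the API refuses the request


if __name__ == "__main__":
    print("Engine API from this container:", engine_api_exposed())
```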