Overview
- CVE-2025-9074 carries a CVSS score of 9.3 and is resolved in Docker Desktop version 4.44.3 for Windows and macOS.
- Researcher Felix Boulet showed any container could reach http://192.168.65.7:2375 without authentication to issue privileged Engine API commands.
- A simple proof-of-concept used two HTTP POST requests to create and start a container that mounts the Windows host C: drive for read and write access.
- Impact differs by platform: Windows with WSL2 allows full filesystem mounts and a potential DLL overwrite for escalation to administrator; on macOS, prompts limit direct access, yet configuration backdooring remains possible; Linux Desktop is unaffected due to its named pipe design.
- Docker confirms that Enhanced Container Isolation does not mitigate this path, and researchers warn that SSRF can proxy requests to the API in some cases. Operators are urged to update, avoid untrusted containers, restrict API exposure, and monitor for suspicious calls.
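
To check whether a host still exposes the path described above, the following added example (not code from the researcher or from Docker) sends one read-only `GET /version` request to the address quoted in the overview and reports whether the Engine API answers without credentials. The function name `probe_engine_api` and its status labels are assumptions made for this example; it is meant to be run from inside a container on your own Docker Desktop host.

```python
"""Read-only check: does a Docker Engine API answer without credentials?"""
import http.client
import json
import sys
import urllib.error
import urllib.request

# Address quoted in the overview above; override on the command line if needed.
DEFAULT_HOST, DEFAULT_PORT = "192.168.65.7", 2375

# Ignore proxy environment variables so the request goes straight to the target.
_OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))


def probe_engine_api(host=DEFAULT_HOST, port=DEFAULT_PORT, timeout=3.0):
    """Send GET /version and return (status, detail).

    status is "exposed" (Engine version JSON came back with no credentials),
    "unexpected" (something answered, but not like the Engine API) or
    "unreachable" (refused, timed out, or the connection failed).
    """
    url = f"http://{host}:{port}/version"
    try:
        with _OPENER.open(url, timeout=timeout) as resp:
            body = resp.read(65536)
    except urllib.error.HTTPError as exc:  # must precede URLError (its parent)
        return "unexpected", f"HTTP {exc.code}"
    except (urllib.error.URLError, http.client.HTTPException, OSError) as exc:
        return "unreachable", str(getattr(exc, "reason", exc))
    try:
        info = json.loads(body)
    except ValueError:
        return "unexpected", "response is not JSON"
    if isinstance(info, dict) and "ApiVersion" in info:
        return "exposed", f"Engine {info.get('Version', '?')}, API {info['ApiVersion']}"
    return "unexpected", "JSON without an ApiVersion field"


if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_HOST
    port = int(sys.argv[2]) if len(sys.argv) > 2 else DEFAULT_PORT
    status, detail = probe_engine_api(host, port)
    print(f"{host}:{port} {status}: {detail}")
    sys.exit(1 if status == "exposed" else 0)
```

A result of `exposed` from inside a container means the unauthenticated path described above is still open on that host; the script exits with status 1 in that case so it can gate a CI or fleet check.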