Docker Desktop: Critical vulnerability allows host access

In Docker Desktop, malicious containers can reach the host system, and the existing protective measures do not prevent it. An update closes the gap.


(Image: Da Da Diamond/Shutterstock.com)


In the container software Docker Desktop, attackers can access the Docker Engine from a malicious container and, from there, the file system of the host. Updated software is available to close the security gap.

In the release announcement, Docker summarizes it succinctly: malicious containers running in Docker Desktop can access the Docker Engine and launch additional containers without the Docker socket having to be mounted. This can allow unauthorized access to user files on the host system, and Enhanced Container Isolation (ECI) does not mitigate the vulnerability (CVE-2025-9074 / EUVD-2025-25308, CVSS 9.3, risk "critical").

The vulnerability report itself goes into more detail. Locally running Linux containers can reach the Docker Engine API via the configured subnet, by default at 192.168.65.7:2375. The vulnerability exists regardless of whether Enhanced Container Isolation (ECI) is enabled and regardless of how the option "Expose daemon on tcp://localhost:2375 without TLS" is configured. Through that API, a container can issue a range of privileged commands to the Docker Engine, including controlling other containers, creating new containers and managing images. In some configurations, such as Docker Desktop for Windows with the WSL backend, this also allows the host drive to be mounted with the privileges of the user account running Docker Desktop.
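The practical question for an administrator is whether containers on a given installation can still talk to the Engine API over the unencrypted TCP listener described above. The following check, an added example and not Docker's own tooling, is meant to be run from inside an ordinary container (no socket mounted): it sends GET /version to the advisory's default address 192.168.65.7:2375 and, if the API answers, lists the other containers it can see, which is the read-only end of the "control other containers" capability. The sample JSON, the hypothetical container list and the default timeout are constructed for illustration; the only facts taken from the page are the address, the port and the absence of TLS.

```python
"""Probe whether the Docker Engine API is reachable from inside a container
over plain TCP (the exposure described for CVE-2025-9074).

Added example, not part of Docker Desktop. 192.168.65.7:2375 is the
default cited in the advisory; everything else here is an assumption.
"""

import http.client
import json

DEFAULT_HOST = "192.168.65.7"  # Docker Desktop internal subnet (advisory default)
DEFAULT_PORT = 2375            # Engine API over TCP without TLS

# Constructed sample of what GET /version returns; values are made up.
SAMPLE_VERSION = b'{"Version": "28.3.2", "ApiVersion": "1.51", "Os": "linux"}'


def api_get(path, host=DEFAULT_HOST, port=DEFAULT_PORT, timeout=2.0):
    """GET `path` from the Engine API; return the body bytes or None.

    Any connection, timeout or HTTP error is treated as "not reachable"
    so the probe can run unattended from a container entrypoint.
    """
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        if resp.status != 200:
            return None
        return resp.read()
    except (OSError, http.client.HTTPException):
        return None
    finally:
        conn.close()


def summarize(version_body):
    """Reduce a /version response to the fields worth reporting."""
    info = json.loads(version_body.decode())
    return {k: info.get(k) for k in ("Version", "ApiVersion", "Os")}


def container_names(containers_body):
    """Extract container names from a /containers/json response."""
    names = []
    for entry in json.loads(containers_body.decode()):
        # Docker returns names with a leading slash, e.g. "/web".
        names.extend(n.lstrip("/") for n in entry.get("Names", []))
    return names


def engine_exposed(host=DEFAULT_HOST, port=DEFAULT_PORT, timeout=2.0):
    """True if the Engine API answered /version from this network position.

    Reachability is the finding: a container should never be able to talk
    to the daemon unless the socket was deliberately mounted into it.
    """
    return api_get("/version", host, port, timeout) is not None


def report(host=DEFAULT_HOST, port=DEFAULT_PORT, timeout=2.0):
    """Human-readable result for running the check by hand."""
    body = api_get("/version", host, port, timeout)
    if body is None:
        return f"Engine API not reachable at {host}:{port} (expected on a patched install)"
    lines = [f"Engine API REACHABLE at {host}:{port}: {summarize(body)}"]
    listing = api_get("/containers/json", host, port, timeout)
    if listing is not None:
        lines.append("visible containers: " + ", ".join(container_names(listing)))
    return "\n".join(lines)


if __name__ == "__main__":
    print(report())
```

Run it inside any container on the Docker Desktop host (for example via `docker run --rm -it python:3 python probe.py` with the file copied in). On a patched installation the API must not be reachable from that position; if it is, the installation is below 4.44.3 or something else has exposed the daemon, and the container list shows what such a container could already enumerate.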

To close the gap, administrators should update to Docker Desktop 4.44.3 or newer, in which the developers have fixed the security-relevant bug.


The updated Docker packages are available to download directly:

At the end of April, Docker released an update for Docker Desktop for Windows. In it, the developers closed a vulnerability classified as high-risk that allowed attackers to escalate their privileges.

(dmk)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.