A critical vulnerability has been discovered in Docker Desktop for Windows, macOS and Linux distributions.
The vulnerability allows malicious containers to gain full access to the host system by misusing an exposed Docker Engine API endpoint.
Docker Desktop
Docker is a must-have in modern enterprise infrastructure: it is a foundational pillar that powers cloud-native applications, including CI/CD pipelines and microservices, at massive scale. Vulnerabilities in Docker images and runtimes are therefore particularly dangerous, as they can open the door to severe supply-chain attacks, container escapes, data leaks, and even full host compromise.
| Field | Value |
| --- | --- |
| OEM | Docker |
| Severity | Critical |
| CVSS Score | 9.3 |
| CVEs | CVE-2025-9074 |
| POC Available | No |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
The vulnerability, tracked as CVE-2025-9074, affects Docker Desktop versions prior to 4.44.3. Exploitation requires no special configuration and can be triggered with minimal interaction. Docker has addressed the issue in version 4.44.3; administrators and users are advised to upgrade to the latest version.
| Vulnerability Name | CVE ID | Product Affected | Severity | Fixed Version |
| --- | --- | --- | --- | --- |
| Docker Engine API Exposure / Container Escape | CVE-2025-9074 | Docker Desktop (Windows, macOS, Linux) | Critical | v4.44.3 |
Technical Summary
The vulnerability stems from Docker Desktop's internal Engine API endpoint (http://192.168.65.7:2375) being reachable from any container running locally. Because the endpoint requires no authentication, a container can issue privileged API calls such as creating new containers, mounting host directories, and managing images.
On Windows with the WSL backend this is riskier still, because an attacker could mount the host's C: drive with the same rights Docker Desktop holds, giving them full access to the machine. Safety settings such as Enhanced Container Isolation (ECI) or disabling TCP exposure of the daemon do not fully block this problem.
| CVE ID | System Affected | Vulnerability Details | Impact |
| --- | --- | --- | --- |
| CVE-2025-9074 | v4.25 before v4.44.3 | An internal HTTP API is automatically open to containers on the default network. This could allow an attacker to run powerful commands: creating containers, managing images or accessing the host system | Full host compromise, including file system and resource access |
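As an added example (not Docker's tooling and not part of the original advisory), the script below gives a defender two checks that follow directly from the tables above: whether an installed Docker Desktop version falls inside the affected range (4.25 up to, but not including, 4.44.3), and, when run from inside a container on the default network, whether the internal endpoint named in the advisory still answers an unauthenticated `GET /version` after patching. The "About" strings used as sample input are constructed; the expected result on a patched install is `unreachable`.

```python
"""Audit helpers for CVE-2025-9074 (added example, not Docker's own tooling)."""
import json
import re
import urllib.error
import urllib.request

# Version bounds from the advisory: Docker Desktop 4.25 up to (but not
# including) 4.44.3 is affected; 4.44.3 is the first fixed release.
FIRST_AFFECTED = (4, 25, 0)
FIXED_VERSION = (4, 44, 3)

# Internal Engine API endpoint named in the advisory.
INTERNAL_API = "http://192.168.65.7:2375"


def parse_version(text):
    """Return (major, minor, patch) from text such as 'Docker Desktop 4.43.1 (198134)'.

    The sample format is an assumption; a two-part version like '4.25' is
    treated as patch level 0 so the advisory's lower bound can be compared.
    """
    m = re.search(r"\b(\d+)\.(\d+)(?:\.(\d+))?\b", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_affected_version(text):
    """True when the Docker Desktop version in `text` lies in the affected range."""
    return FIRST_AFFECTED <= parse_version(text) < FIXED_VERSION


def classify_api_response(status, body):
    """Interpret the reply to GET /version on the internal endpoint.

    'exposed'    - HTTP 200 with a JSON object carrying the Engine's 'Version'
                   field: the API served an unauthenticated request, so every
                   container that can reach it can drive the daemon.
    'unexpected' - the endpoint answered, but not with the Engine API's
                   /version shape (non-200 status or non-JSON body); worth a
                   manual look rather than a verdict.
    """
    if status == 200:
        try:
            data = json.loads(body)
        except ValueError:
            return "unexpected"
        if isinstance(data, dict) and "Version" in data:
            return "exposed"
    return "unexpected"


def probe_internal_api(base_url=INTERNAL_API, timeout=2.0):
    """Run from inside a container on Docker Desktop's default network.

    Returns 'exposed', 'unexpected', or 'unreachable' (connection refused or
    timed out, which is the expected outcome on a fixed 4.44.3+ install).
    """
    req = urllib.request.Request(base_url.rstrip("/") + "/version", method="GET")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_api_response(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:
        return classify_api_response(e.code, e.read().decode("utf-8", "replace"))
    except (urllib.error.URLError, OSError):
        return "unreachable"


if __name__ == "__main__":
    # Constructed sample 'About' strings; real ones come from Docker Desktop's UI.
    for about in ("Docker Desktop 4.43.1 (198134)", "Docker Desktop 4.44.3", "Docker Desktop 4.24.2"):
        print(f"{about}: affected={is_affected_version(about)}")
    print("internal API:", probe_internal_api())
```

Run the version check on the host and the probe from a container started with default settings; a result of `exposed` after upgrading means the fix did not take effect, while `unreachable` is the state the advisory's fixed version should leave you in. Keep the timeout short, since on a fixed install the connection simply never completes.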
Remediation:
Recommendations:
Here are some recommendations below
Conclusion:
CVE-2025-9074 is a critical container escape vulnerability exposing host systems to complete compromise. While no active exploitation has been reported, the weakness is easy to exploit. Immediate patching and environment hardening are strongly recommended for all Docker Desktop users.
References: