Docker has released security updates to address a vulnerability (CVE-2025-9074) that could potentially allow an attacker to break out of the confines of a container.
Severity level:-
CVSS Score: 9.3/Critical.
Description:- Docker Desktop is a widely used containerization platform for Windows and macOS. CVE-2025-9074 is a critical vulnerability caused by Docker Desktop exposing its internal Docker Engine API at 192.168.65.7:2375 without authentication. This flaw allows a malicious container to access the Docker API and perform unauthorized actions such as launching new containers, mounting host drives, and modifying host files.
Affected Versions :-
- Docker Desktop for Windows before version 4.44.3.
- Docker Desktop for macOS before version 4.44.3.
Impact:-
Successful exploitation may result in container escape and arbitrary code execution on the host system with elevated privileges.
Resolution:- Please update to the following patched versions:
- Docker Desktop 4.44.3 or later for Windows.
- Docker Desktop 4.44.3 or later for macOS.
References:-
https://nvd.nist.gov/vuln/detail/CVE-2025-9074
https://www.cyber.gc.ca/en/alerts-advisories/docker-security-advisory-av25-546
https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html