CVE-2025-9074

Published Aug 20, 2025

Last updated 6 months ago

CVSS critical 9.3
Docker Desktop
Docker
Container Security

Overview

Description
A vulnerability was identified in Docker Desktop that allows locally running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled. This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images, etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.
Source: security@docker.com
NVD status: Awaiting Analysis

Risk scores

CVSS 4.0

Type: Secondary
Base score: 9.3
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: CRITICAL

Weaknesses

CWE-668 (source: security@docker.com)

Social media

Hype score: Not currently trending
  1. Heads up Docker users — CVE-2025-9074 is a nasty one. Containers can reach the Engine API without auth and escape to the host. CVSS 9.3, PoC is already out there. If you're on Desktop 4.25–4.44.2, update to 4.44.3 ASAP. #DockerSecurity #InfoSec

    @ScanSafeGuard | 14 Mar 2026 | 1 Impression, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  2. CVE-2025-9074 in Docker Desktop <4.44.3 lets malicious containers access the Engine API unauthenticated, enabling host file access & escape. https://t.co/RbaewwFDXo #Cybersecurity #DockerDesktop #DockerSecurity #Vulnerability #ThreatIntel #DevSecOps #Exploit #PatchNow h

    @redsecuretech | 10 Feb 2026 | 43 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  3. 🚨 CVE-2025-9074 : CRITICAL VULNERABILITY ALERT @docker 🚨 A major container escape and privilege escalation flaw has been disclosed in Docker Desktop for Windows & macOS. The Risk Severity: 9.3/10 (Critical) Impact: Unauthenticated Container Escape & Host Takeover

    @OstorlabSec | 13 Jan 2026 | 93 Impressions, 4 Retweets, 4 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  4. [Vulnerability] A PoC for a container escape vulnerability: Docker API unauthenticated remote code execution (CVE-2025-9074) https://t.co/GM69tRxkJS https://t.co/nTO7Pvu5aM

    @cybersecuritysl | 4 Jan 2026 | 19812 Impressions, 47 Retweets, 297 Likes, 158 Bookmarks, 6 Replies, 0 Quotes

  5. 🐛 Exploit CVE-2025-9074 with this specialized API framework for Docker. 🐳 Enhance your security assessments and penetration testing. 🛠️ #exploit #cybersecurity #Docker #CVE20259074 https://t.co/x7fHoWNkjs

    @TheExploitLab | 3 Jan 2026 | 117 Impressions, 0 Retweets, 1 Like, 0 Bookmarks, 0 Replies, 0 Quotes

  6. 2025: Top 10 high-risk vulnerabilities actually exploited in the wild 1 Langflow unauthenticated code execution CVE-2025-3248 2 Microsoft SharePoint Server RCE (ToolShell) CVE-2025-53770 / CVE-2025-53771 3 sudo privilege escalation (flawed chroot handling) CVE-2025-32463 4 Docker Desktop conta

    @yousukezan | 1 Jan 2026 | 1476 Impressions, 1 Retweet, 15 Likes, 7 Bookmarks, 0 Replies, 0 Quotes

  7. 🚨 Your CI/CD pipeline just shipped malware. • Jun 2024 — PyPI supply-chain attack • Jun 2025 — react-native-aria compromise via stolen token • Aug 2025 — CVE-2025-9074 → Docker Desktop escape • Sept 2025 — massive npm breach → CISA MFA mandates > https

    @MNovofastovsky | 10 Oct 2025 | 72 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  8. What if a simple Docker container could take over your entire system? S2W's Threat Intelligence Center, TALON has released a new report on a critical vulnerability (CVE-2025-9074) found in Docker Desktop. 👉 Learn more: https://t.co/sYBC5OpGoR https://t.co/ddpfDD88PD

    @S2W_Official | 30 Sept 2025 | 167 Impressions, 0 Retweets, 2 Likes, 1 Bookmark, 0 Replies, 0 Quotes

  9. Actively exploited CVE : CVE-2025-9074

    @transilienceai | 7 Sept 2025 | 93 Impressions, 0 Retweets, 1 Like, 0 Bookmarks, 1 Reply, 0 Quotes

  10. 🚨 Docker patched a CRITICAL container escape vulnerability, CVE-2025-9074 (CVSS 9.3)! This critical fix prevents attackers from breaking out of containers. Update your Docker installations ASAP! #DockerSecurity #Cybersecurity https://t.co/isrOAZUllq

    @xcybersecnews | 6 Sept 2025 | 259 Impressions, 0 Retweets, 3 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  11. [1day1line] CVE-2025-9074: Windows/macOS Docker Container Escape Vulnerability A container escape vulnerability occurs because the Docker Engine API is exposed inside the container without any authentication or access restrictions. https://t.co/MPlgqCufck

    @hackyboiz | 6 Sept 2025 | 1689 Impressions, 3 Retweets, 26 Likes, 7 Bookmarks, 0 Replies, 0 Quotes

  12. ⚠️ Weekly vuln radar. https://t.co/Cd6L8ACyLV – spot what’s trending before it’s everywhere: CVE-2025-43300 CVE-2025-48539 CVE-2025-25257 (@0x_shaq) CVE-2025-7775 CVE-2025-57833 (@EyalSec) CVE-2025-53690 CVE-2025-9074 CVE-2025-48543 CVE-2025-24893 https://t.co/KW7HdtM3

    @ptdbugs | 5 Sept 2025 | 123 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  13. A critical vulnerability doesn't always mean it's complex. Sometimes, vulnerability hunting just takes patience and a bit of luck. CVE-2025-9074 is exactly that: a case of curiosity meeting opportunity. https://t.co/IXQRwbAO2R

    @ins_bug | 5 Sept 2025 | 10 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  14. Docker Desktop just patched a critical vulnerability, CVE-2025-9074 (CVSS 9.3), in Windows and macOS. This flaw lets any container escape and take over the host by abusing unauthenticated access to the Docker Engine API. https://t.co/kqHpbNwyfJ

    @White_Crow017 | 4 Sept 2025 | 88 Impressions, 0 Retweets, 1 Like, 0 Bookmarks, 3 Replies, 0 Quotes

  15. CVE-2025-9074: misconfiguration vulnerability involving the Docker Remote API. When the Docker daemon was exposed without authentication, an attacker could issue API requests to create and start containers. https://t.co/MCT0eiW2Jw https://t.co/djmEqBMTr3

    @cyber_advising | 4 Sept 2025 | 1016 Impressions, 2 Retweets, 17 Likes, 5 Bookmarks, 0 Replies, 0 Quotes

  16. 🚨 The #CVE-2025-9074 Nightmare: Your #Docker Desktop Could Be Giving Attackers Root Access https://t.co/QRUgYbsiXp Educational Purposes!

    @UndercodeUpdate | 3 Sept 2025 | 39 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

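  17. 🚨 Docker Desktop vulnerability (CVE-2025-9074) Many of you probably manage containers through Docker Desktop. If you are reading this, you should update to v4.44.3 or later right away. With this vulnerability, without authentication, the Docker Engine API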

    @lucas_flatwhite | 3 Sept 2025 | 1046 Impressions, 1 Retweet, 14 Likes, 2 Bookmarks, 2 Replies, 0 Quotes

  18. Emergency mitigation of CVE-2025-9074 when upgrading Docker Desktop is not immediately possible. Brought to you by vRx and the Vicarius Research Team 🤝 https://t.co/NPr8VfNuYb

    @vicariusltd | 3 Sept 2025 | 40 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  19. Very late on getting this video out the door, but a teeny weeny showcase of the recent Docker for Desktop on Windows & MacOS container escape, CVE-2025-9074 -- proof of concept was included so a simple demo of arbitrary file write & file read on the host: https://t.co/AMn

    @_JohnHammond | 3 Sept 2025 | 43710 Impressions, 32 Retweets, 211 Likes, 88 Bookmarks, 2 Replies, 4 Quotes

  20. 💣 Docker container escape on Windows in Docker Desktop using SSRF 🖍️ An accidentally discovered vulnerability, catalogued as CVE-2025-9074, allows escape from a seemingly isolated environment. 🖍️ The attack requires executing only two comman

    @Sekurak | 3 Sept 2025 | 3866 Impressions, 5 Retweets, 29 Likes, 6 Bookmarks, 1 Reply, 0 Quotes

  21. 🚨 Docker fixes CVE-2025-9074 (CVSS 9.3), a critical vulnerability that allowed malicious containers to escape isolation and access the host system on Windows and macOS. 🔗 More info: https://t.co/vinPF80ZlF

    @trustlock_sec | 2 Sept 2025 | 13 Impressions, 0 Retweets, 2 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  22. When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074) https://t.co/FnH0VTZ4eN #docker #security

    @remote_brain42 | 2 Sept 2025 | 53 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  23. Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 #CISO https://t.co/14joGwAkPr https://t.co/x82zz7v7Na

    @compuchris | 1 Sept 2025 | 43 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  24. [⚡️Latest Reiwa edition⚡️ ⚡️Menacing vulnerability⚡️] Docker Desktop's critical vulnerability CVE-2025-9074 - a simple explanation | Matagi@ SW engineer https://t.co/OpUn09vbzW #zenn

    @kk0128_ | 31 Aug 2025 | 167 Impressions, 0 Retweets, 1 Like, 0 Bookmarks, 0 Replies, 0 Quotes

  25. When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074) https://t.co/TZT6O6OJ0g

    @J0hnnyXm4s | 30 Aug 2025 | 310 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  26. CVE-2025-9074 (CVSS 9.3) has been discovered in Docker Desktop, allowing container escape and unauthenticated access to the host. 🔍 Affects versions prior to 4.44.3 on Windows/macOS ⚠️ Exposes internal API without authentication (192.168.65.7:2375) https://t.co/SgaIx6Jhva

    @henryraul | 30 Aug 2025 | 233 Impressions, 6 Retweets, 4 Likes, 1 Bookmark, 1 Reply, 0 Quotes

  27. Docker fixes the critical container escape vulnerability CVE-2025-9074 on Windows and Mac. Details .. https://t.co/LH8M9UIwqA #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.co/oaRoBH1QYb

    @ccforrs | 30 Aug 2025 | 45 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  28. 🚨 Docker desktop container-escape crisis A critical CVE-2025-9074 flaw (CVSS 9.3) in #Docker Desktop for #Windows & macOS allowed malicious containers to access the Docker Engine API unauthenticated, escape confinement, modify host files, and gain admin control. Patch t

    @ransomnews | 27 Aug 2025 | 1201 Impressions, 3 Retweets, 6 Likes, 2 Bookmarks, 0 Replies, 0 Quotes

  29. 🚨 We are warning of a critical vulnerability in the container tool Docker Desktop for Windows and macOS, CVE-2025-9074. The vulnerability allows the host system to be compromised using a malicious container; even enabling the Enhanced Container Isolation feature does not help

    @GOVCERT_CZ | 27 Aug 2025 | 817 Impressions, 3 Retweets, 8 Likes, 0 Bookmarks, 0 Replies, 1 Quote

  30. Critical Docker Desktop flaw (CVE-2025-9074) exposes host systems to malicious containers, with a CVSS score of 9.3. Docker has issued a fix, update to version 4.44.3 immediately. 🔗 Read more: https://t.co/tjgkGmXeQk #ISBNews

    @Info_Sec_Buzz | 27 Aug 2025 | 26 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  31. Docker vulnerability (CVE-2025-9074) allows container escape, assigned CVSS of 9.3 https://t.co/DhAKHntl4r

    @DemolisherDigi | 27 Aug 2025 | 37 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  32. (CVE-2025-9074): When a SSRF is enough - Full Docker Escape on Windows Docker Desktop https://t.co/a2dn3Bumag

    @RequestbinNet | 27 Aug 2025 | 7 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  33. Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3. Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS. https://t.co/ecItX93Kad #Docker #Cybersecurity #ThreatIntel https://t.co/

    @riskigy | 27 Aug 2025 | 34 Impressions, 1 Retweet, 1 Like, 0 Bookmarks, 0 Replies, 0 Quotes

  34. 🚨 A critical flaw in Docker (CVE-2025-9074), CVSS 9.3, allows a malicious container to escape and hijack the host. On Windows, attackers can mount the entire C:\ drive, read confidential files and even escalate to administrator. https://t.co/

    @ciberseguridadx | 26 Aug 2025 | 55 Impressions, 0 Retweets, 1 Like, 0 Bookmarks, 0 Replies, 0 Quotes

  35. 🚨🚨Critical Docker Desktop vuln (CVE-2025-9074) on Windows/Mac lets attackers escape containers & hijack hosts via unauthenticated API! Patch in v4.44.3 out now update ASAP. Discovered by @felixboulet Linux safe. More: https://t.co/wwbmbk6d2B Follow us to support @Elusiv

    @ElusivePrivacy | 26 Aug 2025 | 67 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  36. 🚨 CRITICAL ALERT: Docker Desktop vulnerability (CVE-2025-9074, CVSS 9.3) allows malicious containers to access the Docker Engine API, risking unauthorized system access. Update to version 4.44.3 NOW! #Cybersecurity #DockerSecurity #ThreatAlert https://t.co/pO84ZpEwkz

    @CyberWolfGuard | 26 Aug 2025 | 48 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  37. #Docker #Fixes CVE-2025-9074, Critical #Container_Escape_Vulnerability With CVSS Score 9.3 https://t.co/qUhBEM47UE https://t.co/veI82N7TEh

    @omvapt | 26 Aug 2025 | 33 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  38. ⚠️ Vulnerability in Docker Desktop ❗CVE-2025-9074 ➡️ More info: https://t.co/FO3zi5IqAH https://t.co/m2ePqGPboJ

    @CERTpy | 26 Aug 2025 | 119 Impressions, 0 Retweets, 1 Like, 1 Bookmark, 0 Replies, 0 Quotes

  39. Docker Desktop Vulnerability CVE-2025-9074 Rated 9.3 CVSS: Update Immediately #Docker #CVE20259074 #CyberSecurity #ContainerSecurity #DockerDesktop #CloudSecurity #Vulnerability #InfoSec #DataProtection https://t.co/wPBK2kMEED

    @cyashadotcom | 26 Aug 2025 | 21 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  40. Docker has released fixes to address a critical security vulnerability affecting the Docker Desktop application for Windows and macOS. Tracked as CVE-2025-9074, this vulnerability has a high CVSS score of 9.3 out of 10. https://t.co/UCFQBnrEJl

    @et2mas | 26 Aug 2025 | 24 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 1 Reply, 0 Quotes

  41. A critical Docker Desktop flaw (CVE-2025-9074) allows container escapes and host control on Windows and macOS via an unauthenticated internal HTTP API. Fixed in version 4.44.3. #ContainerEscape #DockerFlaw #USA https://t.co/rz0bFfXqvY

    @TweetThreatNews | 26 Aug 2025 | 23 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  42. 🚨 CVE Alert: Critical Docker Desktop Flaw 🐳⚠️ • CVE-2025-9074 → SSRF + container-escape vuln lets containers hit the Docker Engine API & break isolation 🔓 • Affects Windows & macOS → attackers can mount host drives, steal files & escalate privil

    @Newtalics | 26 Aug 2025 | 52 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  43. Docker Patches Critical CVE-2025-9074 Vulnerability in Desktop Version #news #Cybersecurity #TechNews https://t.co/GDQ2UwB9yX

    @adarshsreedhar5 | 26 Aug 2025 | 55 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  44. 🚨 Critical container escape bug in Docker Desktop → CVE-2025-9074 (CVSS 9.3). Patched in version 4.44.3 (Win & macOS). https://t.co/OSNmRd69xG

    @BreachNet | 26 Aug 2025 | 3 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 1 Reply, 0 Quotes

  45. 🚨 Docker Fixes CVE-2025-9074 A major container escape vulnerability exists in Docker Desktop for Windows and macOS (versions older than 4.44.3). **Update immediately.** The fundamental flaw behind CVE-2025-9074 is an unauthenticated TCP socket reachable from a non-privileged

    @Security__Wire | 26 Aug 2025 | 80 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  46. 🚨 **Critical Docker Exploit Alert: CVE-2025-9074** 🚨 A major container escape vulnerability exists in Docker Desktop for Windows and macOS (versions older than 4.44.3). **Update immediately.** The fundamental flaw behind CVE-2025-9074 is an unauthenticated TCP socket

    @Security__Wire | 26 Aug 2025 | 40 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  47. Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 #CISO https://t.co/wFQ3uEmZCy https://t.co/7Attv8G6x0

    @compuchris | 25 Aug 2025 | 40 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  48. 🚨 Critical Docker Desktop flaw (CVE-2025-9074, CVSS 9.3) allows container escape & host takeover. Patch to v4.44.3 now to secure your system! 🐳🔒 #Cybersecurity #Docker https://t.co/wDopy1LvVh

    @_F2po_ | 25 Aug 2025 | 41 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  49. #Docker has patched CVE-2025-9074, a critical flaw in Docker Desktop that could allow attackers to compromise host systems and escalate privileges; Researchers uncovered a novel #Linux attack using malicious RAR filenames to deliver the VShell backdoor. https://t.co/H6lxVhBPQq

    @NetizenCorp | 25 Aug 2025 | 19 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes

  50. Docker patches critical container escape flaw CVE-2025-9074 in Docker Desktop for Windows and macOS, scored 9.3 CVSS. Exploitable via unauthenticated Docker Engine API access. #ContainerSecurity #DockerFix #USA https://t.co/GA7KfZRPkc

    @TweetThreatNews | 25 Aug 2025 | 71 Impressions, 0 Retweets, 0 Likes, 0 Bookmarks, 0 Replies, 0 Quotes