Docker Desktop Vulnerability Leads to Host Compromise


A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become administrators.

A critical vulnerability in Docker Desktop allows attackers to control containers, mount the host’s file system, and modify it to escalate their privileges to those of an administrator.

Tracked as CVE-2025-9074 (CVSS score of 9.3), the flaw is a container escape issue that impacts the Windows and macOS iterations of the application.

“A malicious container running on Docker Desktop could access the Docker Engine and launch additional containers without requiring the Docker socket to be mounted. This could allow unauthorized access to user files on the host system,” Docker notes in its advisory.

The security defect can be triggered regardless of whether Enhanced Container Isolation (ECI) is enabled. Patches for the bug were included in Docker Desktop version 4.44.3.

The vulnerability, security researcher Felix Boulet explains ...


Copyright of this story solely belongs to SecurityWeek.