
A critical vulnerability in the desktop version of Docker for Windows and macOS made it possible to compromise the host system by running a malicious container, even when Enhanced Container Isolation (ECI) was enabled.
The vulnerability has been assigned the identifier CVE-2025-9074 (9.3 on the CVSS scale) and is an SSRF bug (server-side request forgery). The issue was fixed in version 4.44.3.
“A malicious container running in Docker Desktop could access the Docker Engine and launch additional containers without needing to mount the Docker socket,” Docker developers explain in the security bulletin. “This could lead to unauthorized access to user files on the host system. Enhanced Container Isolation (ECI) does not protect against this vulnerability.”
Security researcher Felix Boulet, who discovered the vulnerability, reported that the Docker Engine API could be accessed without authentication using the address http://192.168.65[.]7:2375/ from inside any running container.
The expert demonstrated creating and launching a new container that mounts the Windows host’s C: drive into the container’s filesystem using two wget HTTP POST requests. Boulet’s proof-of-concept exploit does not require code execution privileges inside the container.
Philippe Dugré, a DevSecOps engineer at Pvotal Technologies and a challenge designer for the NorthSec security conference, confirmed that the vulnerability affects the desktop version of Docker for Windows and macOS, but not the Linux version.
According to Dugré, the vulnerability is less dangerous on macOS due to the operating system’s protection mechanisms. For example, he was able to create a file in a Windows user’s home directory, but this cannot be achieved on macOS without the user’s permission.
“In Windows, since Docker Engine runs via WSL2, an attacker can mount the entire file system with administrator privileges and read any file. Ultimately, they can overwrite a system DLL to escalate privileges to administrator of the host system,” Dugré writes. “However, on macOS the Docker Desktop application still has a certain level of isolation, and an attempt to mount the user directory triggers a permission request from the user. By default, the application does not have access to the rest of the file system and does not run with administrator privileges, so the host is more secure than on Windows.”
At the same time, the researcher noted that malicious activity is also possible on macOS, since the attacker has full control over the application and containers, which poses risks of implanting backdoors or modifying configuration without authorization.
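The attack path described above ends with a second container that bind-mounts the host’s drive root. As an added example (not code from the article, Docker, or the researchers), the following audit parses the JSON that `docker inspect $(docker ps -aq)` produces and flags containers with such mounts or privileged mode; the host-root path patterns it matches are assumptions about how Docker Desktop names drive roots, and the sample data is constructed.

```python
"""Audit `docker inspect` output for containers that bind-mount a host drive root."""
import json
import re

# Assumed source-path forms that mean "the whole host drive" when bind-mounted.
HOST_ROOT_PATTERNS = [
    r"^/$",                                                      # Linux / WSL2 filesystem root
    r"^[A-Za-z]:\\?$",                                           # Windows drive root, e.g. C:\
    r"^/(?:mnt/host|run/desktop/mnt/host|host_mnt)/[A-Za-z]$",   # drive root as seen from the Desktop VM (assumed)
]


def is_host_root(path: str) -> bool:
    """True if `path` looks like the root of a host filesystem or drive."""
    return any(re.match(pattern, path) for pattern in HOST_ROOT_PATTERNS)


def find_risky_containers(inspect_json: str) -> list:
    """Return one finding per host-root bind mount or privileged container.

    `inspect_json` is the JSON array printed by `docker inspect <ids...>`.
    """
    findings = []
    for ctr in json.loads(inspect_json):
        name = ctr.get("Name", ctr.get("Id", "?")).lstrip("/")
        for mount in ctr.get("Mounts", []):
            if mount.get("Type") == "bind" and is_host_root(mount.get("Source", "")):
                findings.append({"container": name, "reason": "host-root bind mount",
                                 "source": mount["Source"], "destination": mount.get("Destination")})
        if ctr.get("HostConfig", {}).get("Privileged"):
            findings.append({"container": name, "reason": "privileged", "source": None, "destination": None})
    return findings


# Constructed sample in the shape of `docker inspect` output: one benign container
# using a named volume, one that mounts the host's C: drive as /host_root.
SAMPLE_INSPECT = json.dumps([
    {"Id": "aaa111", "Name": "/web", "HostConfig": {"Privileged": False},
     "Mounts": [{"Type": "volume", "Source": "webdata", "Destination": "/var/www"}]},
    {"Id": "bbb222", "Name": "/suspicious", "HostConfig": {"Privileged": False},
     "Mounts": [{"Type": "bind", "Source": "/mnt/host/c", "Destination": "/host_root"}]},
])

if __name__ == "__main__":
    for finding in find_risky_containers(SAMPLE_INSPECT):
        print(finding)
```

Run it against live data with `docker inspect $(docker ps -aq) > inspect.json` and pass the file contents to `find_risky_containers`.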
