Critical Docker Desktop Flaw Exposes Windows & macOS Hosts

A critical vulnerability (CVE-2025-9074, CVSS 9.3) has been uncovered in Docker Desktop, affecting both Windows and macOS. The flaw allows a malicious container to access the Docker Engine API without authentication, enabling attackers to:

  • Launch additional containers without mounting the Docker socket
  • Access sensitive host files (e.g., Windows C: drive)
  • Potentially backdoor or modify configuration files

🔍 Security researchers demonstrated the exploit with just three lines of Python code, making it easy to weaponize.

📌 Key Details:

  • Windows hosts are at highest risk due to weaker OS-level safeguards.
  • macOS hosts remain partially protected but still exposed to misconfiguration and backdooring risks.
  • Linux systems are unaffected.
  • Enhanced Container Isolation (ECI) does not prevent exploitation.

Mitigation: Docker has released Docker Desktop 4.44.3 to patch this vulnerability. All users are strongly advised to upgrade immediately.
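A fleet triage check built from the details above, as an added example that is not from the original post or from Docker. It assumes each host's version text was collected from the `Server:` line of `docker version`; the host names and inventory lines are constructed.

```python
import re

FIXED = (4, 44, 3)                 # patched Docker Desktop release named above
AFFECTED = {"windows", "macos"}    # Linux is listed as unaffected

# Assumption: version text is the "Server: Docker Desktop X.Y.Z (build)" line
_BANNER = re.compile(r"Docker Desktop\s+(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Return (major, minor, patch) as ints, or None if no banner is present."""
    m = _BANNER.search(text)
    return tuple(int(g) for g in m.groups()) if m else None

def triage(platform, version_text):
    """Classify one host for CVE-2025-9074 exposure."""
    platform = platform.strip().lower()
    if platform not in AFFECTED:
        return "not-affected"
    version = parse_version(version_text)
    if version is None:
        return "unknown"           # could not read a version: check by hand
    if version >= FIXED:           # tuple compare, so 4.9.1 < 4.44.3
        return "patched"
    # ECI does not prevent exploitation, so it is deliberately not an input here.
    return "vulnerable-highest-risk" if platform == "windows" else "vulnerable"

# Constructed inventory: (host, platform, collected version text)
INVENTORY = [
    ("dev-win-01", "Windows", "Server: Docker Desktop 4.44.2 (constructed)"),
    ("dev-win-02", "windows", "Server: Docker Desktop 4.44.3 (constructed)"),
    ("dev-mac-07", "macOS", "Server: Docker Desktop 4.9.1 (constructed)"),
    ("dev-mac-09", "macos", "Server: Docker Desktop 4.45.0 (constructed)"),
    ("build-lnx-3", "linux", "Server: Docker Engine - Community"),
    ("dev-win-05", "windows", "docker: command not found"),
]

def report(inventory=INVENTORY):
    """Map each host name to its triage status."""
    return {host: triage(platform, text) for host, platform, text in inventory}

if __name__ == "__main__":
    for host, status in report().items():
        print(f"{host:12} {status}")
```

Hosts reported as `unknown` need a manual check rather than being treated as safe.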

At Alcaeus Services, we help organizations secure their containerized environments, apply critical updates, and strengthen DevSecOps practices to minimize risk exposure.
