Docker Desktop Security Restriction Bypass Vulnerability

Release Date: 26 Aug 2025

RISK: High Risk

TYPE: Operating Systems - Networks OS

A vulnerability has been identified in Docker Desktop. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.

 

Note:

Proof of Concept exploit code is publicly available for CVE-2025-9074. The vulnerability may allow unauthorized access to user files on the host system. Hence, the risk level is rated as High Risk.

---

Impact

• Security Restriction Bypass

---

System / Technologies affected

• Docker Desktop on Windows below version 4.44.3
• Docker Desktop on MacOS below version 4.44.3

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://docs.docker.com/desktop/release-notes/#4443

---

Vulnerability Identifier

• CVE-2025-9074

---

Source

• Docker

---

Related Link

• https://docs.docker.com/desktop/release-notes/#4443
• https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html