Docker Registry Vulnerability Lets macOS Users Access Any Registry Without Authorization


A recently discovered vulnerability in Docker Desktop for macOS is raising concerns in the developer and security communities.

The flaw, which stems from Docker Desktop failing to apply Registry Access Management (RAM) policies under a specific sign-in enforcement configuration, could allow unauthorized access to potentially malicious container images, putting organizations at risk of supply chain attacks.

Vulnerability Details

When organizations enforce sign-in via a macOS configuration profile, Docker Desktop fails to apply the intended RAM policies that control which registries users can access.


As a result, developers using affected versions on macOS can bypass these restrictions and pull images from any Docker registry, including registries the organization has not approved or vetted.

According to the CVE record, the issue has been assigned a CVSS 4.0 base score of 4.3 (Medium severity). Even at that score, the flaw can cause business disruption and widen the attack surface, particularly in environments where Docker Desktop is integral to the software development lifecycle.

Field               Data
CVE ID              CVE-2025-4095
Vulnerability Name  Docker Registry Flaw Lets macOS Users Access Any Registry Without Authorization
CWE                 CWE-862: Missing Authorization
CVSS Score          4.3 (Medium)
Affected Product    Docker Desktop
Platform            macOS
Affected Versions   From 4.36.0 before 4.41.0

Docker Registry Access Management (RAM) is designed to empower administrators with the ability to limit Docker Desktop users to specific, organization-approved registries.

However, when sign-in enforcement is managed via a macOS configuration profile on an affected version, this safeguard is rendered ineffective.

As a consequence, users may inadvertently (or intentionally) download untrusted images containing malware, ransomware, or backdoors.

While the issue requires a local authenticated user (local attack vector), the potential impact is significant for organizations relying on Docker Desktop as part of their DevOps pipelines.

Attackers exploiting this flaw could introduce compromised containers into the software supply chain, undermining application security and compliance mandates.

  • Upgrade to Docker Desktop 4.41.0 or later where this issue has been addressed.
  • Regularly audit Docker Desktop settings and registry policies.
  • Monitor for unapproved container images in development and production environments.
  • Educate development teams about the importance of pulling images only from trusted sources.
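The audit and monitoring items above can be partly automated on each macOS endpoint. The script below is an added example written for this article; it is not Docker's code and not part of the advisory. It does two things: checks whether the installed Docker Desktop version falls inside the affected range stated in the table (4.36.0 up to but not including 4.41.0), and lists locally present images whose registry is not on the organization's approved list, which is the local evidence that a RAM policy did not hold. The approved-registry set, the sample image list and the default path to Docker.app are assumptions made for illustration; the rule for deciding which part of an image reference is the registry host (first path component contains a dot or colon, or is `localhost`, otherwise Docker Hub) is Docker's documented reference syntax.

```python
"""Endpoint audit helper for the Docker Desktop RAM bypass (CVE-2025-4095).

Check 1: is the installed Docker Desktop version in the affected range?
Check 2: do any locally pulled images come from a non-approved registry?
"""
import plistlib
import subprocess
from pathlib import Path

# Affected range from the advisory table: >= 4.36.0 and < 4.41.0
AFFECTED_MIN = (4, 36, 0)
FIXED_IN = (4, 41, 0)

# Assumed allowlist for illustration; a real deployment would take this
# from the organization's RAM policy.
APPROVED_REGISTRIES = {"registry.example.internal", "docker.io"}

# Constructed sample image references, used when no Docker engine is reachable.
SAMPLE_IMAGES = [
    "registry.example.internal/platform/base:1.4",
    "ubuntu:22.04",
    "ghcr.io/someorg/tool:latest",
    "localhost:5000/dev/test:1",
    "untrusted-mirror.example.net:8443/lib/python:3.12",
]


def parse_version(text):
    """'4.40.1' -> (4, 40, 1); missing components are treated as 0."""
    parts = []
    for piece in text.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected_version(text):
    """True when the version lies in [4.36.0, 4.41.0)."""
    return AFFECTED_MIN <= parse_version(text) < FIXED_IN


def installed_desktop_version(app="/Applications/Docker.app"):
    """Read Docker Desktop's version from its macOS bundle Info.plist.
    The app path is an assumed default."""
    plist = Path(app) / "Contents" / "Info.plist"
    with plist.open("rb") as fh:
        return plistlib.load(fh)["CFBundleShortVersionString"]


def registry_of(image_ref):
    """Registry host of an image reference, per Docker's reference syntax:
    the first path component is a registry only if it contains '.' or ':'
    or equals 'localhost'; otherwise the image lives on Docker Hub."""
    first, sep, _ = image_ref.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"


def unapproved_images(image_refs, approved=APPROVED_REGISTRIES):
    """(image, registry) pairs whose registry is outside the allowlist."""
    findings = []
    for ref in image_refs:
        reg = registry_of(ref)
        if reg not in approved:
            findings.append((ref, reg))
    return findings


def local_image_refs():
    """Image references known to the local Docker engine."""
    out = subprocess.run(
        ["docker", "image", "ls", "--format", "{{.Repository}}:{{.Tag}}"],
        capture_output=True, text=True, check=True,
    ).stdout
    return [ln for ln in out.splitlines() if ln and not ln.startswith("<none>")]


if __name__ == "__main__":
    try:
        version = installed_desktop_version()
        state = "AFFECTED, upgrade to 4.41.0+" if is_affected_version(version) else "not in affected range"
        print(f"Docker Desktop {version}: {state}")
    except (FileNotFoundError, KeyError):
        print("Docker Desktop Info.plist not found (not macOS, or not installed)")
    try:
        refs = local_image_refs()
    except (FileNotFoundError, subprocess.CalledProcessError):
        refs = SAMPLE_IMAGES  # fall back to the constructed sample
    for ref, reg in unapproved_images(refs):
        print(f"unapproved registry {reg}: {ref}")
```

Run it on a macOS workstation where Docker Desktop is installed; where the engine is not reachable it falls back to the constructed sample list so the registry-parsing logic can still be exercised. Images that show up from unapproved registries on a host in the affected range are the ones worth tracing back to who pulled them and why.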

Docker has released patches and encourages all macOS users to update promptly, ensuring that organizational security controls are effectively enforced.
