Windows Docker Desktop Vulnerability Allows Full Host Compromise

A critical vulnerability in Docker Desktop for Windows has been discovered that allows any container to achieve full host system compromise through a simple Server-Side Request Forgery (SSRF) attack.

The flaw, designated CVE-2025-9074, was patched in Docker Desktop version 4.44.3 released in August 2025.

CVE Details

CVE ID: CVE-2025-9074
CVSS Score: Critical (estimated 9.0+)
Affected Product: Docker Desktop for Windows
Vulnerable Versions: < 4.44.3

The vulnerability stems from Docker Desktop's internal Docker Engine HTTP API being exposed at http://192.168.65.7:2375/ without any authentication or access controls.

This endpoint was accessible from within any container running on the affected Docker Desktop installation, creating a critical security boundary violation.

An attacker could exploit this flaw using just two HTTP POST requests from within any container. The first request creates a privileged container with the host’s C: drive mounted, while the second starts the malicious container.

This simple attack chain grants complete access to the Windows host filesystem and system resources.
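The two-request chain described above is also what a defender can look for. The following is an added detection example, not code from the article or from Docker: it walks a stream of Docker Engine API requests, flags any /containers/create body that asks for a privileged container or a bind mount of a whole host drive (C:\, /c/, or the root directory), and escalates to critical when the same source then issues a /containers/.../start. The request log format (one dict per request with src, method, path and body) and the sample entries are constructed assumptions, roughly what an audit proxy placed in front of the API endpoint might record.

```python
"""Detect the privileged-create + start chain against the Docker Engine API.
Added example; the log format and sample data below are assumptions."""
import re
from typing import Any, Dict, List, Optional

# Bind-mount *sources* that expose an entire host drive or the host root, in the
# forms Docker accepts on Windows (C:\, C:, /c/, //c/) and on Linux/macOS (/).
HOST_ROOT_RE = re.compile(r"^(?:[A-Za-z]:[\\/]?|//?[A-Za-z]/?|/)(?::|$)")

# Engine API paths may carry a version prefix such as /v1.45/...
CREATE_RE = re.compile(r"^/(?:v[\d.]+/)?containers/create$")
START_RE = re.compile(r"^/(?:v[\d.]+/)?containers/[^/]+/start$")

# Constructed sample (assumed audit-proxy format). 172.17.0.5 performs the chain from
# the article: a privileged create with the C: drive bound, followed by a start.
# 172.17.0.9 creates an ordinary container with a named volume and is benign.
SAMPLE_REQUESTS: List[Dict[str, Any]] = [
    {"src": "172.17.0.5", "method": "GET", "path": "/version", "body": None},
    {"src": "172.17.0.5", "method": "POST", "path": "/containers/create",
     "body": {"Image": "alpine", "Cmd": ["sh"],
              "HostConfig": {"Privileged": True, "Binds": ["C:\\:/host"]}}},
    {"src": "172.17.0.5", "method": "POST", "path": "/containers/abc123/start", "body": None},
    {"src": "172.17.0.9", "method": "POST", "path": "/v1.45/containers/create",
     "body": {"Image": "nginx", "HostConfig": {"Binds": ["appdata:/usr/share/nginx/html"]}}},
]


def is_host_root_bind(bind: str) -> bool:
    """True if a HostConfig.Binds entry mounts a whole host drive or the host root."""
    return HOST_ROOT_RE.match(bind) is not None


def assess_create(body: Optional[Dict[str, Any]]) -> List[str]:
    """Return the risky properties of a /containers/create body (empty = nothing notable)."""
    host_config = (body or {}).get("HostConfig") or {}
    findings: List[str] = []
    if host_config.get("Privileged") is True:
        findings.append("privileged")
    for bind in host_config.get("Binds") or []:
        if is_host_root_bind(str(bind)):
            findings.append(f"host-root-bind={bind}")
    return findings


def detect_escape_chain(requests: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """Walk requests in order. A risky create raises a high alert; a subsequent start
    from the same source raises a critical alert carrying the create's findings."""
    alerts: List[Dict[str, Any]] = []
    pending: Dict[str, List[str]] = {}  # src -> findings of its latest risky create
    for req in requests:
        src, method, path = req.get("src", "?"), req.get("method"), req.get("path", "")
        if method != "POST":
            continue
        if CREATE_RE.match(path):
            findings = assess_create(req.get("body"))
            if findings:
                pending[src] = findings
                alerts.append({"src": src, "severity": "high", "stage": "create",
                               "findings": findings})
        elif START_RE.match(path) and src in pending:
            alerts.append({"src": src, "severity": "critical", "stage": "start",
                           "findings": pending.pop(src)})
    return alerts


if __name__ == "__main__":
    for alert in detect_escape_chain(SAMPLE_REQUESTS):
        print(alert)
```

The create-stage alert on its own is already worth acting on, since a privileged container with a host drive bound is rarely legitimate for a workload that should be reaching the API from inside another container; the start-stage escalation simply confirms the chain completed.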

The researcher who discovered the vulnerability found it accidentally while conducting network reconnaissance within a container environment.

Using basic network scanning tools like nmap against Docker’s documented private network ranges revealed the exposed API endpoint.

The security implications of this vulnerability are severe. Any container workload could potentially compromise the entire host system, completely bypassing Docker’s isolation mechanisms.

This includes scenarios where an attacker has only an SSRF vulnerability in a web application running inside a container, since no code execution within the container is required.

The vulnerability also affects Docker Desktop for Mac, where security researcher Philippe Dugre from Pvotal Technologies identified a similar issue, leading to the shared CVE assignment.

Docker responded quickly to the vulnerability disclosure, releasing a patch in version 4.44.3. Users should immediately update their Docker Desktop installations to the latest version to mitigate this risk. No known exploitation has been reported since the patch release.

The vulnerability highlights critical lessons for container security: all control-plane endpoints must implement proper authentication, network segmentation must be enforced around container environments, and zero-trust principles should apply within host environments.

CVE-2025-9074 serves as a stark reminder that seemingly internal APIs can pose significant security risks when exposed without proper access controls.

While Docker’s swift response demonstrates good vulnerability management practices, this incident underscores the importance of comprehensive security assessments for container platforms and the need for proper network isolation in containerized environments.

Organizations using Docker Desktop for Windows should prioritize updating to version 4.44.3 or later and review their container security policies to prevent similar exposure scenarios.

About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.