CVE-2025-9074: Critical Vulnerability in Docker Desktop Enables Local Container Access to Docker Engine API via Subnet

August 21, 2025 · 3 min read

Docker is one of the backbones of modern enterprise infrastructure, powering cloud-native applications, CI/CD pipelines, and microservices at massive scale. Therefore, vulnerabilities in Docker images and runtimes are particularly dangerous as they can open the door to severe supply-chain attacks, container escapes, data leaks, and even full host compromise. 

For instance, in March 2024, a backdoor inserted into the widely used “xz-utils” library infiltrated Debian-based Docker images, silently spreading through Docker Hub and remaining accessible there, which raised serious supply-chain integrity concerns. Against this backdrop, the recently discovered critical vulnerability in Docker Desktop (CVE-2025-9074) underscores the urgency of timely patching and proactive defense, because even a single unaddressed Docker flaw can cascade into a breach with massive impact.

Sign up for the SOC Prime Platform to access the global active threats feed, which offers real-time cyber threat intelligence and curated detection algorithms to address emerging threats. All the rules are compatible with multiple SIEM, EDR, and Data Lake formats and mapped to the MITRE ATT&CK® framework. Additionally, each rule is enriched with CTI links, attack timelines, audit configurations, triage recommendations, and more relevant context. Press the Explore Detections button to see the entire detection stack for proactive defense against critical vulnerabilities filtered by the “CVE” tag.

Explore Detections

Alternatively, security professionals can apply a “Docker” tag in Threat Detection Marketplace to search for detection content addressing Docker-related threats.

Security engineers can also leverage Uncoder AI—a private AI co-pilot purpose-built for threat-informed detection engineering. With Uncoder, defenders can automatically convert IOCs into actionable hunting queries, craft detection rules from raw threat reports, generate Attack Flow diagrams, enable ATT&CK tags prediction, leverage AI-driven query optimization, and translate detection content across multiple platforms.

CVE-2025-9074 Analysis

A critical CVE-2025-9074 vulnerability in Docker Desktop enables locally running Linux containers to connect to the Docker Engine API through the default subnet (192.168.65.7:2375). The issue persists regardless of Enhanced Container Isolation (ECI) or TCP exposure settings. 

According to Docker’s release announcement, the flaw allows malicious containers in Docker Desktop to directly interact with the Docker Engine and even spin up new containers, without the need for the Docker socket to be mounted. 

If exploited, attackers could execute privileged API commands such as controlling containers, creating new ones, and managing images. In specific scenarios, such as Docker Desktop for Windows running on a WSL backend, the flaw also allows host drives to be mounted with the same permissions as the Docker Desktop user, which significantly broadens the potential impact. Overall, the flaw poses severe risks to confidentiality, integrity, and availability, though no CVE-2025-9074 PoC or active exploitation has been observed yet.
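As an added example (not code from SOC Prime or Docker), the following detection routine flags container-originated requests to the Engine API endpoint named above, run over constructed log lines. The log format, and the assumption that Docker Desktop's internal container subnet is the /24 around 192.168.65.7, are assumptions; the Engine API routes matched are real routes. On an unpatched host, any such request is worth an alert, since a container should never reach the Engine API unless the Docker socket was deliberately mounted.

```python
import re
from ipaddress import ip_address, ip_network

# Endpoint named in the advisory: Engine API reachable from containers.
ENGINE_API = (ip_address("192.168.65.7"), 2375)
# Assumption: Docker Desktop's internal container subnet is the surrounding /24.
CONTAINER_SUBNET = ip_network("192.168.65.0/24")

# State-changing Engine API routes (real Docker Engine API paths, optional /v1.xx prefix).
WRITE_ROUTES = re.compile(
    r"^(POST|DELETE|PUT) /(v\d+\.\d+/)?(containers|images|exec|volumes|networks)\b"
)

# Constructed sample records; the format is an assumption:
# "<ts> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <METHOD> <path>"
SAMPLE_LOG = """\
2025-08-21T10:00:01Z 192.168.65.3:49152 -> 192.168.65.7:2375 GET /v1.47/containers/json
2025-08-21T10:00:02Z 192.168.65.3:49153 -> 10.0.0.5:443 GET /index.html
2025-08-21T10:00:03Z 192.168.65.4:50000 -> 192.168.65.7:2375 POST /v1.47/containers/create
2025-08-21T10:00:04Z 10.1.2.3:40000 -> 192.168.65.7:2375 GET /version
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+) (?P<req>.+)$"
)


def parse(line):
    """Parse one constructed log line into a record, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {"ts": m["ts"], "src": ip_address(m["src"]), "dst": ip_address(m["dst"]),
            "dport": int(m["dport"]), "req": m["req"]}


def classify(rec):
    """Return None for traffic this rule ignores, else a severity label.

    Only requests from the container subnet to the Engine API endpoint are in scope;
    state-changing routes (create/start/delete, image pulls) rank higher than reads.
    """
    if (rec["dst"], rec["dport"]) != ENGINE_API or rec["src"] not in CONTAINER_SUBNET:
        return None
    return "high" if WRITE_ROUTES.match(rec["req"]) else "medium"


def find_alerts(text):
    """Return (timestamp, source, severity, request) tuples for flagged lines."""
    alerts = []
    for line in text.splitlines():
        rec = parse(line)
        if rec is not None and (sev := classify(rec)):
            alerts.append((rec["ts"], str(rec["src"]), sev, rec["req"]))
    return alerts


if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```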

To mitigate this critical risk, IT teams and enterprise administrators should upgrade immediately to Docker Desktop version 4.44.3 or later. Updated Docker Desktop packages are available for multiple platforms, including:

  • Windows
  • Windows ARM (Early Access)
  • macOS / Apple Silicon
  • macOS / Intel
  • Debian
  • RPM-based distributions
  • Arch Linux

As vulnerabilities in widely used software continue to rise, organizations are advised to adopt proactive security practices, such as consistent patch management and ongoing monitoring for unusual activity, to safeguard against emerging threats. SOC Prime Platform equips security teams with a complete product suite backed by AI, automation, and real-time threat intelligence and built on zero-trust security principles to enable organizations to outscale emerging threats and enhance cyber resilience. 
