
"The bug, tracked as CVE-2025-9074 and scoring 9.3 on the CVSS scale, left Docker's internal Engine API wide open on '192.168.65.7:2375.' Any container could talk to it without authentication, which meant mounting drives and messing with system files was only a couple of HTTP requests away. On Windows, where Docker Desktop leans on WSL2, that translates into full read-write access to the C: drive and a clear path to administrator rights."
"'For my macOS proof of concept, I only needed three lines of Python code,' he noted. Mac users receive a prompt when a container tries to mount a directory, and the app itself doesn't run with elevated privileges, but a determined attacker could still fiddle with Docker's configuration and slip a backdoor onto the host. On Windows, by contrast, nothing stops a hostile container mounting the system drive."
Docker Desktop contained a critical vulnerability (CVE-2025-9074) that exposed the internal Engine API on 192.168.65.7:2375 without authentication. Any container could send HTTP requests to that API to mount host drives and manipulate system files. On macOS, mounting prompts provide some protection, but attackers could still alter Docker configuration and install backdoors. On Windows using WSL2, a hostile container could mount the C: drive with read-write access, drop binaries, and overwrite DLLs, leading to administrator-level compromise. The flaw was found by Felix Boulet and demonstrated by Philippe Dugre; Docker has released a patch.
Read at The Register
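To confirm that a patched Docker Desktop no longer exposes the API, the check below can be run from inside a test container. It is an added example, not code from the article or the researchers; the address and port come from the summary above, while the function name and the use of the Engine API's read-only `/version` endpoint are choices made for this example.

```python
import http.client
import json

# Address and port are taken from the advisory text above. GET /version is a
# read-only Docker Engine API call; it changes nothing on the host.
ENGINE_HOST, ENGINE_PORT = "192.168.65.7", 2375


def probe_engine_api(host=ENGINE_HOST, port=ENGINE_PORT, timeout=3.0):
    """Classify the endpoint as 'unreachable', 'exposed' or 'other'."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/version")
        resp = conn.getresponse()
        body = resp.read(65536)  # cap the read; a version document is small
    except (OSError, http.client.HTTPException):
        # Refused, filtered, timed out, or not speaking HTTP at all.
        return {"state": "unreachable",
                "detail": f"no HTTP answer from {host}:{port}"}
    finally:
        conn.close()

    try:
        info = json.loads(body)
    except ValueError:
        info = None

    # An Engine API version document returned with no credentials supplied
    # means any container on this network can drive the daemon.
    if resp.status == 200 and isinstance(info, dict) and "ApiVersion" in info:
        return {"state": "exposed",
                "detail": f"Engine API {info['ApiVersion']} answered without authentication"}

    # Something answered, but not an open Engine API (auth wall, other service).
    return {"state": "other",
            "detail": f"HTTP {resp.status}, no Engine API version document"}


if __name__ == "__main__":
    result = probe_engine_api()
    print(f"{result['state']}: {result['detail']}")
    # Non-zero exit lets a CI job or fleet check fail on exposed hosts.
    raise SystemExit(1 if result["state"] == "exposed" else 0)
```

An `unreachable` result from inside a container is the expected outcome on a patched installation.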