Docker Desktop Flaw Lets Attackers Escape Containers via Unauthenticated Engine API
Docker Desktop users on Windows and Mac are being strongly advised to update to the latest version following the discovery of a critical security vulnerability that could allow attackers to escape container isolation and compromise the host system. Beyond local attacks, the flaw can be exploited remotely through server-side request forgery (SSRF) attacks targeting web applications running inside Docker containers, making it particularly concerning for exposed development or staging environments.
The vulnerability, cataloged as CVE-2025-9074, was identified by security researcher Felix Boulet. It specifically affects Docker Desktop on Windows and Mac, while Linux versions remain unaffected. The flaw has been addressed in Docker Desktop 4.44.3, released on August 20, which users are urged to install immediately to mitigate potential risks.
According to Boulet, the root of the problem was a relatively simple oversight: Docker’s internal HTTP API was accessible from any container without requiring authentication or access controls. This oversight created a direct path for malicious actors to bypass container boundaries and interact with the underlying host, highlighting how even minor assumptions in software design can have major security implications.
Boulet discovered the vulnerability by running a straightforward nmap scan against Docker’s documented private network. His findings serve as a reminder that containerized environments, often assumed to be secure by default, require careful auditing and timely patching. Organizations running Docker Desktop on Windows or Mac should prioritize updating to version 4.44.3 and review their container security practices to prevent similar issues in the future.