Cyber Resilience

CVE-2025-9074

Severity: Critical

Published: 20 August 2025
Modified: 15 April 2026
KEV Added: not listed
Patch: Docker Desktop 4.44.3

CVSS v4.0 base score: 9.3 (Critical)
CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS score: 0.0119 (79.3rd percentile)
Risk Priority: 19 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-9074 is a critical-severity Exposure of Resource to Wrong Sphere (CWE-668) vulnerability in Docker Desktop (NVD did not file a CPE; the product is inferred from the references and description). Its CVSS v4.0 base score is 9.3 (Critical).

Operationally, its EPSS score places it in the top 20.7% of CVEs by estimated exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

A vulnerability in Docker Desktop enables local Linux containers to reach the Docker Engine API, without authentication or TLS, over the configured internal Docker subnet, at 192.168.65.7:2375 by default. The flaw is present regardless of whether Enhanced Container Isolation (ECI) is enabled and regardless of the "Expose daemon on tcp://localhost:2375 without TLS" setting. It is tracked as CVE-2025-9074 with a CVSS 4.0 score of 9.3 and is associated with CWE-668.

An attacker who can run a container on an affected host can therefore issue privileged Engine API calls to inspect, create, or delete other containers and images. On Docker Desktop for Windows using the WSL backend, the same access also permits mounting the host filesystem with the privileges of the user running Docker Desktop.

Public advisories and technical write-ups are available at the Docker release notes for version 4.44.3 and at several independent analyses that describe detection methods and the scope of the issue. The associated EPSS score has remained flat at 0.0119 with no material increase since disclosure.
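The following script is an added example for the behaviour described above; it is not Docker's code and is not part of any advisory. It is meant to be run from inside a Linux container on a Docker Desktop host: it makes two read-only requests (GET /_ping and GET /version) to the default internal subnet address and port named in the advisory, and reports whether the unauthenticated Engine API answers. It creates or modifies nothing. The helper `is_patched` is a hypothetical version gate that treats Docker Desktop 4.44.3, the release whose notes carry the advisory, as the first fixed version; the host, port, and fixed-version constants are assumptions taken from this page, and the loopback probe in the usage comment is a constructed negative case.

```python
"""Read-only reachability probe for CVE-2025-9074 (added example, not Docker's code).

Usage, from a Linux container on the Docker Desktop host under test:
    python probe_9074.py            # probes 192.168.65.7:2375 (advisory defaults)
    python probe_9074.py HOST PORT  # probes another internal subnet address
Exit status is 1 when the unauthenticated Engine API is reachable.
"""
import http.client
import json
import re
import sys

# Defaults taken from the advisory text; both are assumptions if the
# Docker subnet has been reconfigured on the host.
DEFAULT_HOST = "192.168.65.7"
DEFAULT_PORT = 2375
# Docker Desktop release whose notes carry the fix (assumption: first fixed version).
FIXED_VERSION = (4, 44, 3)


def parse_version(text):
    """Return (major, minor, patch) from strings like '4.44.3' or 'v4.45 (9000)'.

    Raises ValueError when no dotted version number is present.
    """
    match = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not match:
        raise ValueError(f"no version number found in {text!r}")
    major, minor, patch = match.group(1), match.group(2), match.group(3) or "0"
    return (int(major), int(minor), int(patch))


def is_patched(desktop_version):
    """True when the Docker Desktop version is 4.44.3 or later (hypothetical gate)."""
    return parse_version(desktop_version) >= FIXED_VERSION


def _get(host, port, path, timeout):
    """Issue one HTTP GET over a fresh connection and return (status, body_text)."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, resp.read().decode("utf-8", "replace")
    finally:
        conn.close()


def probe_engine_api(host=DEFAULT_HOST, port=DEFAULT_PORT, timeout=2.0):
    """Check whether the Engine API answers unauthenticated at host:port.

    Returns a dict: reachable (bool), engine_version (str or None), error (str or None).
    Only /_ping and /version are requested, so the probe has no side effects.
    """
    result = {"host": host, "port": port, "reachable": False,
              "engine_version": None, "error": None}
    try:
        status, body = _get(host, port, "/_ping", timeout)
        if status != 200 or body.strip() != "OK":
            result["error"] = f"unexpected /_ping reply: {status} {body!r}"
            return result
        # A 200/OK on /_ping means the daemon accepted an unauthenticated request.
        result["reachable"] = True
        status, body = _get(host, port, "/version", timeout)
        if status == 200:
            result["engine_version"] = json.loads(body).get("Version")
    except (OSError, http.client.HTTPException, ValueError) as exc:
        # Connection refused / timeout / malformed reply: treat as not reachable,
        # but keep the reason so a silent network policy is distinguishable.
        result["error"] = str(exc)
    return result


def main(argv):
    host = argv[1] if len(argv) > 1 else DEFAULT_HOST
    port = int(argv[2]) if len(argv) > 2 else DEFAULT_PORT
    res = probe_engine_api(host, port)
    if res["reachable"]:
        print(f"EXPOSED: Engine API {res['engine_version']} answers unauthenticated "
              f"at {host}:{port} (upgrade Docker Desktop to 4.44.3 or later)")
        return 1
    print(f"not reachable at {host}:{port} ({res['error']})")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A negative result only shows that this container cannot reach that address, not that the host is patched; pair the probe with the Docker Desktop version check, since ECI and the TLS exposure setting do not change the outcome.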

EU & UK References

Vulnerability details

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled. This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.

CWE(s)

CWE-668: Exposure of Resource to Wrong Sphere

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Docker Desktop (versions prior to 4.44.3)
Inferred from the references and description; NVD did not file a CPE for this CVE.

Mitigating Controls

Likely Mitigating Controls (automatically derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

- addresses CWE-668: Controls whether organization resources are exposed to external system spheres by permitting or prohibiting their use.
- addresses CWE-668: Ensures information is not released into a security sphere where the recipient lacks matching access authorizations.
- addresses CWE-668: Ensures information resources are not exposed to the incorrect (public) sphere through review and authorization.
- addresses CWE-668: Protects against data mining that would expose resources to unauthorized spheres by enforcing detection and controls.
- addresses CWE-668: Restricts information flows to ensure resources are not exposed to incorrect or unauthorized spheres.
- addresses CWE-668: Controlling internal connections prevents exposure of resources to unintended internal spheres.
- addresses CWE-668: Knowing exact processing and storage locations helps avoid exposure of resources to incorrect spheres.
- addresses CWE-668: Prevents exposure of the media resource to the wrong security sphere.

References