
Critical Docker Desktop SSRF Vulnerability Exploitable via Malicious Containers

3 unique sources, 3 articles

Summary

A critical server-side request forgery (SSRF) vulnerability in Docker Desktop for Windows and macOS, tracked as CVE-2025-9074, allows a malicious container to compromise the host system. A container can reach the Docker Engine socket without authentication, even with Enhanced Container Isolation (ECI) enabled, and use it to start a new container with the host's file system mounted. From there an attacker can read and modify files on the host and, on Windows, escalate to administrator privileges. Security researcher Felix Boulet discovered the flaw and demonstrated a proof-of-concept (PoC) that does not require code execution rights inside the container: an SSRF flaw in an application running in the container is enough to proxy requests to the Docker Engine socket. Docker Desktop for Linux is not affected. The issue was responsibly disclosed to Docker, which fixed it in Docker Desktop 4.44.3. Because the Docker Engine socket grants everything the Docker application can do, the bug can also be leveraged to take full control of Docker Desktop and of the other containers it runs.

Timeline

  1. 25.08.2025 18:11 · 3 articles

    Docker Desktop SSRF Vulnerability Exploitable via Malicious Containers

    The article adds detail on the exploitation methods and impact of the Docker Desktop SSRF vulnerability (CVE-2025-9074). The flaw is exploitable regardless of Enhanced Container Isolation (ECI) settings and is easy to exploit, but it requires an attacker either to run a malicious container or to reach an SSRF flaw in an application running inside one. A container that reaches the Docker Engine socket gains full access to everything the Docker application can do, including creating a new container with the host's file system mounted and modifying host files to escalate privileges to those of an administrator. On Windows, that write access can be used to overwrite a system DLL and obtain administrative privileges on the host. On macOS, the flaw can be used to take full control of other containers or to backdoor the Docker app by modifying its configuration.
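    The checks below are an added example, not code from Docker or from the researchers named above. They cover the three things a practitioner wants after reading this entry: whether the installed Docker Desktop is at or past the fixed 4.44.3 release, whether the Docker Engine API answers unauthenticated requests from inside a container (the condition the SSRF chain relies on), and whether any container already has the host's root file system bound into it, which is the artifact the exploit path leaves behind and also the artifact the exposed-daemon campaigns under Similar Happenings create. Two details are assumptions not stated on this page: that the Desktop VM serves the Engine API over plain HTTP at http://192.168.65.7:2375 (pass a different base URL if yours differs) and that Docker Desktop for Windows exposes host drives inside its VM under /host_mnt/<letter>. The container listing at the bottom is constructed sample data.

```python
"""Offline checks for the CVE-2025-9074 exposure described in the article.

Added example, not code from Docker or from the researchers named above.
Assumptions (not stated on the page): the Docker Desktop VM answers the
Engine API over plain HTTP at http://192.168.65.7:2375, and Docker Desktop
for Windows exposes host drives inside the VM under /host_mnt/<letter>.
"""
import json
import re
import urllib.error
import urllib.request
from typing import Optional

FIXED_DESKTOP_VERSION = (4, 44, 3)             # first patched release, per the article
DEFAULT_API_URL = "http://192.168.65.7:2375"   # assumed Desktop VM address


def parse_version(text: str) -> tuple:
    """Pull the first x.y.z out of '4.44.2' or 'Docker Desktop 4.44.2 (184744)'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(g) for g in m.groups())


def desktop_is_patched(version: str) -> bool:
    """True when the installed Docker Desktop is 4.44.3 or later."""
    return parse_version(version) >= FIXED_DESKTOP_VERSION


def probe_engine_api(base_url: str = DEFAULT_API_URL, timeout: float = 2.0) -> Optional[dict]:
    """Run from inside a container: GET /version on the Engine API.

    A JSON answer means the daemon accepts unauthenticated requests from the
    container network, the condition the SSRF chain relies on. Returns None
    when nothing answers. This is the only function here that touches the network.
    """
    try:
        with urllib.request.urlopen(f"{base_url}/version", timeout=timeout) as resp:
            return json.loads(resp.read().decode())
    except (urllib.error.URLError, OSError, ValueError):
        return None


def is_host_root_bind(source: str) -> bool:
    """Is a bind-mount source the host's root ('/'), a Windows drive root
    ('C:\\') or the Desktop VM's view of a drive ('/host_mnt/c', assumed layout)?"""
    s = source.strip().rstrip("/\\")
    return (s == ""
            or re.fullmatch(r"[A-Za-z]:", s) is not None
            or re.fullmatch(r"/host_mnt/[A-Za-z]", s) is not None)


def suspicious_host_mounts(containers: list) -> list:
    """Scan decoded GET /containers/json output for containers that bind the
    whole host file system into themselves.

    Returns (container name, source, destination, writable) tuples.
    """
    hits = []
    for c in containers:
        name = (c.get("Names") or ["?"])[0].lstrip("/")
        for m in c.get("Mounts", []):
            if m.get("Type") == "bind" and is_host_root_bind(m.get("Source", "")):
                hits.append((name, m["Source"], m.get("Destination"), m.get("RW", True)))
    return hits


# Constructed sample shaped like GET /containers/json output; not real data.
SAMPLE_CONTAINERS = [
    {"Names": ["/web"], "Image": "nginx:1.27",
     "Mounts": [{"Type": "volume", "Name": "webdata",
                 "Source": "/var/lib/docker/volumes/webdata/_data",
                 "Destination": "/usr/share/nginx/html", "RW": True}]},
    {"Names": ["/pwned"], "Image": "alpine",
     "Mounts": [{"Type": "bind", "Source": "C:\\",
                 "Destination": "/mnt/host_c", "RW": True}]},
    {"Names": ["/miner"], "Image": "alpine",
     "Mounts": [{"Type": "bind", "Source": "/",
                 "Destination": "/hostroot", "RW": True}]},
]

if __name__ == "__main__":
    for v in ("4.44.2", "4.44.3", "4.45.0"):
        print(f"Docker Desktop {v}: {'patched' if desktop_is_patched(v) else 'VULNERABLE'}")
    info = probe_engine_api()
    print("Engine API reachable without auth:", info is not None,
          (info or {}).get("Version", ""))
    for name, src, dst, rw in suspicious_host_mounts(SAMPLE_CONTAINERS):
        print(f"host root bound: container={name} {src} -> {dst} rw={rw}")
```

    Run the script from inside any container on the Desktop host: on an unpatched install probe_engine_api returns the daemon's version JSON, after upgrading to 4.44.3 it should return None. For the mount check, feed suspicious_host_mounts the decoded output of GET /containers/json?all=1 rather than the default listing, since an attacker's helper container may already have exited and the default listing shows running containers only.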

Similar Happenings

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS Attacks

The ShadowV2 botnet targets misconfigured Docker containers on Amazon Web Services (AWS) to deploy Go-based malware, turning infected systems into nodes of a distributed denial-of-service (DDoS) botnet that is rented out for DDoS attacks and employs advanced techniques such as HTTP/2 Rapid Reset and bypassing Cloudflare's Under Attack mode. The botnet was detected on June 24, 2025, and is believed to be part of a DDoS-for-hire service. It uses a Python-based C2 framework hosted on GitHub Codespaces and a Go-based remote access trojan (RAT) for command execution and communication. The malware first spawns a generic setup container from an Ubuntu image, installs the tools it needs, and then builds and deploys a live container; this approach may help avoid leaving forensic artifacts on the victim machine. The malware communicates with a C2 server to receive commands and conduct attacks, sending a heartbeat every second and polling for new attack commands every five seconds. Dynamic container deployment allows highly configurable attacks while concealing activity behind cloud-native architecture. The botnet targets 24,000 IP addresses with port 2375 open, though not all are exploitable. It is actively used, with observed commands to launch attacks against at least one website.

Misconfigured Docker APIs Exploited in TOR-Based Cryptojacking Campaign

A new variant of a TOR-based cryptojacking campaign targets exposed Docker APIs. The attack involves executing a new container based on the Alpine Docker image and mounting the host file system. The attackers then run a Base64-encoded payload to download a shell script downloader from a .onion domain. The script installs tools for reconnaissance and communication with a command-and-control (C2) server. The campaign may aim to establish a complex botnet. The attack chain includes exploiting additional ports (23, 9222) and using known default credentials for brute-forcing logins. The malware scans for open Docker API services at port 2375 and propagates the infection to those machines. The attackers block external access to port 2375 using available firewall utilities and install persistent SSH access. The malware includes dormant logic for future expansion opportunities for credential theft, browser session hijacking, remote file download, and distributed denial-of-service (DDoS) attacks. The campaign highlights the importance of securing Docker APIs and limiting exposure of services to the internet.

FreePBX Zero-Day Exploited in the Wild, Emergency Patch Released

A zero-day vulnerability in FreePBX (CVE-2025-57819) is actively exploited in the wild. The flaw allows unauthenticated access to the FreePBX Administrator, leading to arbitrary database manipulation and remote code execution. FreePBX versions 15, 16, and 17 are affected. The exploit has been used since at least August 21, 2025, targeting systems with inadequate IP filtering or access control lists (ACLs). Sangoma has released an emergency patch and indicators of compromise (IOCs) to help administrators detect exploitation. Users are advised to upgrade, restrict public access to the administrator control panel, and check for a known issue in the v17 'framework' module that may prevent automated update notification emails. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by September 19, 2025.

Multiple vulnerabilities in Citrix and Git added to CISA KEV catalog

CISA has added multiple actively exploited vulnerabilities to its KEV catalog: CVE-2024-8068 and CVE-2024-8069 in Citrix Session Recording (patched in November 2024), CVE-2025-48384 in Git (addressed in July 2025), and CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 in Citrix NetScaler ADC and NetScaler Gateway (patched in August 2025). Federal agencies must apply mitigations by September 15, 2025, for the Citrix Session Recording and Git vulnerabilities and within 48 hours for the NetScaler vulnerabilities. CVE-2025-48384 is an arbitrary file write vulnerability in Git caused by inconsistent handling of carriage return characters in configuration files. It affects macOS and Linux systems; Windows systems are immune because of differences in control character usage. The flaw was resolved in Git versions 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1 and 2.50.1, and it impacts software developers using Git on workstations as well as CI/CD build systems.

CVE-2025-7775 is a memory overflow vulnerability leading to remote code execution and/or denial of service; it has been actively exploited in the wild and was added to the CISA KEV catalog on August 26, 2025, requiring federal agencies to remediate within 48 hours. CVE-2025-7776 is a memory overflow vulnerability leading to unpredictable behavior and denial of service, and CVE-2025-8424 is an improper access control vulnerability in the NetScaler Management Interface. The NetScaler vulnerabilities affect both supported and unsupported, end-of-life versions of NetScaler ADC and NetScaler Gateway; nearly 20% of the NetScaler assets identified run unsupported versions, primarily in North America and the APAC region. They affect components of NetScaler ADC and NetScaler Gateway similar to those hit by the CitrixBleed and CitrixBleed2 vulnerabilities.

Critical OS Command Injection Vulnerability in FortiSIEM (CVE-2025-25256) Exploited in the Wild

Fortinet has disclosed a critical OS command injection vulnerability in FortiSIEM, identified as CVE-2025-25256. The flaw, with a CVSS score of 9.8, allows unauthenticated attackers to execute unauthorized code or commands via crafted CLI requests. Exploit code for this vulnerability has been observed in the wild. Affected versions include FortiSIEM 6.1 through 6.7.9 and 7.0.0 through 7.3.1. Fortinet advises upgrading to the latest versions and limiting access to the phMonitor port (7900) as a workaround.