CVE-2025-3224

High CVSS: 7.3

A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTEM. During an update, Docker Desktop attempts to delete files and subdirectories under the path C:\ProgramData\Docker\config with high privileges. However, this directory often does not exist by default, and C:\ProgramData\ allows normal users to create new directories. By creating a malicious Docker\config folder structure at this location, an attacker can force the privileged update process to delete or manipulate arbitrary system files, leading to Elevation of Privilege.

Vendor

Docker

Product

Desktop

CWE

CWE-59

Yayın Tarihi

2025-04-28 20:15:21

Güncelleme

2025-05-10 00:57:52

Source Identifier

security@docker.com

KEV Date Added

Kategoriler

CWE-59 Desktop HIGH Docker 2025

Referanslar

https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks

Benzer Kayıtlar

High

CVE-2025-15558

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exis…

Medium

CVE-2026-2664

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows,…

Low

CVE-2025-13743

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serializatio…

High

CVE-2025-64443

MCP Gateway allows easy and secure running and deployment of MCP servers. In versions 0.27.0 and earlier, when MCP Gatew…