
Description

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker Desktop: through 4.48.0.

PUBLISHED Reserved 2025-08-19 | Published 2025-10-27 | Updated 2025-10-28 | Assigner Docker




HIGH: 8.8 | CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

Default status
unaffected

Any version
affected

Credits

Mahmoud NourEldin (finder)

References

docs.docker.com/desktop/release-notes/

cve.org (CVE-2025-9164)

nvd.nist.gov (CVE-2025-9164)
