Docker Desktop Privilege Escalation Vulnerability Bypassing Enhanced Container Isolation

Vulnerability

A vulnerability in Docker Desktop allows local attackers to escalate privileges by bypassing Enhanced Container Isolation (ECI) restrictions. When ECI is enabled, Docker socket mounts from containers are generally denied unless explicitly allowed. However, the Docker CLI --use-api-socket flag can be used to add socket mounts in a way that ECI does not properly enforce, granting containers full access to the Docker Engine socket. This access could be exploited to retrieve authentication credentials for container registries, potentially leading to further privilege escalation.
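As an added audit example (not part of this advisory or Docker's own tooling), the following Python flags containers whose `docker inspect` output shows a bind mount of the Docker Engine socket, which is exactly the access ECI is meant to deny, and checks a Docker Desktop version string against the fixed release 4.59.0. The socket file names and the sample inspect records are assumed and constructed, not taken from the advisory.

```python
"""Audit helper: find containers with the Docker Engine API socket mounted
and check whether a Docker Desktop version carries the ECI fix.
Added example; not Docker's code and not from the advisory."""
import json

# Host-side names the Engine socket typically has (Unix socket on Linux/macOS,
# named pipe on Windows). Assumed values, not stated in the advisory.
ENGINE_SOCKET_NAMES = ("docker.sock", "docker_engine")
FIXED_VERSION = (4, 59, 0)  # fixed release named in the advisory


def parse_version(text):
    """'4.58.1' -> (4, 58, 1); missing components default to 0."""
    parts = [int(p) for p in text.strip().split(".")[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def is_fixed(desktop_version):
    """True when the Docker Desktop version is at or above the fixed release."""
    return parse_version(desktop_version) >= FIXED_VERSION


def socket_mounts(inspect_json):
    """Return (container name, destination) for every bind mount whose host
    source is an Engine socket, parsed from `docker inspect` JSON output."""
    findings = []
    for ctr in json.loads(inspect_json):
        name = ctr.get("Name", "").lstrip("/")
        for m in ctr.get("Mounts", []):
            if m.get("Type") != "bind":
                continue  # volumes and tmpfs cannot expose the host socket
            src = m.get("Source", "")
            if any(src.endswith(s) for s in ENGINE_SOCKET_NAMES):
                findings.append((name, m.get("Destination", "")))
    return findings


# Constructed sample shaped like `docker inspect` output (not a real capture).
SAMPLE_INSPECT = json.dumps([
    {"Name": "/web", "Mounts": [
        {"Type": "volume", "Source": "webdata", "Destination": "/data"}]},
    {"Name": "/ci-runner", "Mounts": [
        {"Type": "bind", "Source": "/var/run/docker.sock",
         "Destination": "/var/run/docker.sock"}]},
])

if __name__ == "__main__":
    for name, dest in socket_mounts(SAMPLE_INSPECT):
        print(f"Engine socket mounted in '{name}' at {dest}")
    print("fixed" if is_fixed("4.59.0") else "needs update")
```

On a live host, feed it the output of `docker inspect $(docker ps -q)`; any finding on an ECI-enabled machine running a version below 4.59.0 warrants investigation of how the mount was granted.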

Impact

Exploitation of this vulnerability allows for unauthorized access to the Docker Engine, bypassing ECI restrictions, and could lead to privilege escalation on the host system.

Remediation

This vulnerability has been fixed in Docker Desktop version 4.59.0.

Added: May 26, 2026, 3:03 PM
Updated: May 26, 2026, 3:03 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 3.3
remediation: 0.0
relevance: 9.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.