ZDI-26-067 MEDIUM 6.7 Published Feb 05, 2026

Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability

Docker

Docker Desktop for Windows contains a privilege escalation vulnerability (CVE-2025-14740) that allows local attackers to gain elevated privileges if an administrator interacts with a malicious action. Security teams should prioritize patching Docker Desktop for Windows installations and educate administrators about the risks of interacting with untrusted content, particularly when running with elevated privileges.

Related CVEs

CVE-2025-14740

Tags

Windows Privilege Escalation Docker

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy