Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer...

8.8 / 10

HIGH

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C

Description

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker Desktop: through 4.48.0.

AI Analysis

DLL hijacking vulnerability in Docker Desktop Installer for Windows, allowing local privilege escalation through malicious DLL placement

Basic Information

ID CVE-2025-9164

Source Docker

Published Oct 27, 2025 at 13:53

Modified Oct 27, 2025 at 14:57

Affected Product

Vendor Docker

Product Docker Desktop

Affected Versions Docker Docker Desktop 0

CWE Classification

CWE-427

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Docker

Product Docker Desktop

Version through 4.48.0

References

docs.docker.com /desktop/release-notes/

{
    "lastseen": "",
    "description": "Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker Desktop: through 4.48.0.",
    "published": "2025-10-27T13:53:40.216Z",
    "modified": "2025-10-27T14:57:54.233Z",
    "type": "cve",
    "title": "Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows",
    "source": "Docker",
    "references": "https://docs.docker.com/desktop/release-notes/",
    "id": "CVE-2025-9164",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "Docker Docker Desktop 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Docker Desktop",
    "version": "0",
    "vendor": "Docker",
    "ai_description": "DLL hijacking vulnerability in Docker Desktop Installer for Windows, allowing local privilege escalation through malicious DLL placement",
    "ai_severity": "High",
    "ai_vendor": "Docker",
    "ai_product": "Docker Desktop",
    "ai_version": "through 4.48.0",
    "ai_score": 8.8
}

Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows_CVE-2025-9164