{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2025-3224", "ASSIGNER": "security@docker.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0\u00a0could allow a local, low-privileged attacker to escalate privileges to SYSTEM. During an update, Docker Desktop attempts to delete files and subdirectories under the path C:\\ProgramData\\Docker\\config with high privileges. However, this directory often does not exist by default, and C:\\ProgramData\\ allows normal users to create new directories. By creating a malicious Docker\\config folder structure at this location, an attacker can force the privileged update process to delete or manipulate arbitrary system files, leading to Elevation of Privilege." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-269 Improper Privilege Management", "cweId": "CWE-269" } ] }, { "description": [ { "lang": "eng", "value": "CWE-59 Improper Link Resolution Before File Access ('Link Following')", "cweId": "CWE-59" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Docker", "product": { "product_data": [ { "product_name": "Docker Desktop", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "4.41.0" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks", "refsource": "MISC", "name": "https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks" } ] }, "generator": { "engine": "Vulnogram 0.2.0" }, "source": { "discovery": "EXTERNAL" }, "credits": [ { "lang": "en", "value": "Dong-uk Kim, KAIST Hacking Lab" } ] }