216.73.216.86

CVE-2025-15558

· Published 04/03/2026 17:16 · Modified 04/03/2026 18:08

Labels: CVE-2025-15558 2026-03-04CVE-2025-15558CWE-427[email protected]

Essential information

Published
04/03/2026 17:16
Modified
04/03/2026 18:08
Author
Creator
CVSS
7.0 HIGH (v3) 7.0 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user. This issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/[email protected]+incompatible/cli-plugins/manager  package, such as Docker Compose. This issue does not impact non-Windows binaries, and projects not using the plugin-manager code.

NVD status

Status
Undergoing Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
docker / cli cpe:2.3:a:docker:cli:<29.1.5:*:*:*:*:*:*:*
docker / docker compose cpe:2.3:a:docker:docker_compose:*:*:*:*:*:*:*:*
docker / docker buildx cpe:2.3:a:docker:docker_buildx:*:*:*:*:*:*:*:*

References