Bug 2444574 (CVE-2025-15558)

Summary: CVE-2025-15558 docker/cli: Docker CLI for Windows: Privilege escalation via malicious plugin binaries
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW
QA Contact:
Severity: high
Docs Contact:
Priority: high
Version: unspecified
CC: adudiak, agarcial, akoudelk, alcohan, anjoseph, aoconnor, aprice, asegurap, bdettelb, caswilli, dfreiber, dhanak, doconnor, drosa, drow, dsimansk, eglynn, fdeutsch, gparvin, jbalunas, jburrell, jjoyce, jkoehler, jprabhak, jsamir, jschluet, kaycoth, kingland, kshier, kverlaen, lball, lbragsta, lgamliel, lhh, ljawale, lphiri, luizcosta, mburns, mgarciac, mnovotny, ngough, nweather, oezr, oramraz, pahickey, rbobbitt, rfreiman, rhaigner, sausingh, sdawley, smullick, stcannon, stirabos, teagle, thason, veshanka, vkumar, wenshen, wtam, yguenane
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in Docker CLI for Windows. A low-privileged attacker can exploit this vulnerability by creating a specific directory, C:\ProgramData\Docker\cli-plugins, which does not exist by default. By placing malicious plugin binaries in this directory, an attacker can achieve privilege escalation when a victim user opens Docker Desktop or uses Docker CLI plugin features, provided the Docker CLI is executed with elevated privileges.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Description (OSIDB Bzimport, 2026-03-04 17:01:32 UTC)
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) in it; the Docker CLI executes them when a victim user opens Docker Desktop or invokes Docker CLI plugin features, which allows privilege escalation if the Docker CLI is executed as a privileged user.

This issue affects Docker CLI through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager package (https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager), such as Docker Compose.

This issue does not affect non-Windows binaries or projects that do not use the plugin-manager code.
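The condition the description relies on is a system-wide plugin directory that a low-privileged user can create and populate. The following PowerShell audit script is an added example, not part of this bug report or of the docker/cli project: it checks whether that directory exists, who owns it, whether broad groups hold write rights on it, and which docker-*.exe binaries are present and how they are signed. It assumes a stock Windows layout where %ProgramData% is C:\ProgramData.

```powershell
# Added audit example (not from the bug report or docker/cli).
# Assumption: %ProgramData% resolves to C:\ProgramData, so this is the
# C:\ProgramData\Docker\cli-plugins path named in the report.
$pluginDir = Join-Path $env:ProgramData 'Docker\cli-plugins'

if (-not (Test-Path -LiteralPath $pluginDir)) {
    Write-Output "$pluginDir does not exist (the default state described in the report)."
    return
}

# An unexpected owner is the first sign: a directory created by a standard
# user is owned by that user, not by Administrators or TrustedInstaller.
$acl = Get-Acl -LiteralPath $pluginDir
Write-Output "Directory owner: $($acl.Owner)"

# Identities that should not be able to drop files into a machine-wide plugin path.
$broadIdentities = @('BUILTIN\Users', 'Everyone', 'NT AUTHORITY\Authenticated Users')
$writeMask = [System.Security.AccessControl.FileSystemRights]::WriteData -bor
             [System.Security.AccessControl.FileSystemRights]::AppendData -bor
             [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

foreach ($ace in $acl.Access) {
    if ($ace.AccessControlType -eq 'Allow' -and
        $broadIdentities -contains $ace.IdentityReference.Value -and
        ($ace.FileSystemRights -band $writeMask) -ne 0) {
        Write-Warning "Broad write access on $pluginDir`: $($ace.IdentityReference) has $($ace.FileSystemRights)"
    }
}

# Inventory plugin candidates: an unsigned binary, or one owned by a
# standard user, in this path deserves investigation before any elevated
# docker invocation picks it up.
Get-ChildItem -LiteralPath $pluginDir -Filter 'docker-*.exe' | ForEach-Object {
    $sig = Get-AuthenticodeSignature -FilePath $_.FullName
    [pscustomobject]@{
        Name      = $_.Name
        Owner     = (Get-Acl -LiteralPath $_.FullName).Owner
        Signature = $sig.Status
        Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        Modified  = $_.LastWriteTime
    }
} | Format-Table -AutoSize
```

Run it from an elevated prompt so Get-Acl can read every entry; a directory owned by a standard user, or any Allow entry granting write rights to the broad groups listed, is the exposure the report describes.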