CVE-2025-14740: CWE-732 Incorrect Permission Assignment for Critical Resource in Docker Inc. Docker Desktop
Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation scenarios:

Scenario 1 (Persistent Attack): If a low-privileged attacker pre-creates C:\ProgramData\DockerDesktop before Docker Desktop installation, the attacker retains ownership of the directory even after the installer applies restrictive ACLs. At any time after installation completes, the attacker can modify the directory ACL (as the owner) and tamper with critical configuration files such as install-settings.json to specify a malicious credentialHelper, causing arbitrary code execution when any user runs Docker Desktop.

Scenario 2 (TOCTOU Attack): During installation, there is a time-of-check-time-of-use (TOCTOU) race condition between when the installer creates C:\ProgramData\DockerDesktop and when it sets secure ACLs. A low-privileged attacker actively monitoring for the installation can inject malicious files (such as install-settings.json) with attacker-controlled ACLs during this window, achieving the same code execution outcome.
AI Analysis
Technical Summary
CVE-2025-14740 is a vulnerability classified under CWE-732 (Incorrect Permission Assignment for Critical Resource) affecting Docker Desktop for Windows. The issue arises from the installer's improper handling of the C:\ProgramData\DockerDesktop directory permissions. Specifically, the installer creates this directory without verifying or properly setting ownership and access control lists (ACLs). Two main exploitation scenarios are described: First, a persistent attack where a low-privileged attacker pre-creates the directory before installation. Because the installer does not change ownership, the attacker remains the owner even after restrictive ACLs are applied. This ownership allows the attacker to modify directory ACLs later and tamper with critical configuration files such as install-settings.json. By altering this file to specify a malicious credentialHelper, the attacker can achieve arbitrary code execution when any user runs Docker Desktop. Second, a time-of-check-time-of-use (TOCTOU) race condition during installation allows an attacker actively monitoring the process to inject malicious files with attacker-controlled ACLs between the directory creation and the setting of secure ACLs. This also leads to arbitrary code execution. The vulnerability requires local low-privileged access and user interaction (installation execution). The CVSS 3.1 base score is 6.7 (medium severity), reflecting high impact on confidentiality, integrity, and availability but with limited attack vector (local) and higher attack complexity. No patches or known exploits in the wild are currently reported. This vulnerability highlights the risks of improper permission management during software installation, especially for critical system directories.
Potential Impact
The vulnerability allows a low-privileged local attacker to gain persistent arbitrary code execution with elevated privileges on Windows systems running Docker Desktop. This compromises confidentiality by potentially exposing sensitive configuration and credential data, integrity by allowing tampering with Docker Desktop configurations and execution flow, and availability by enabling malicious code that could disrupt Docker Desktop or the host system. Organizations relying on Docker Desktop for container management and development face risks of system compromise, lateral movement, and persistence by attackers exploiting this flaw. The requirement for local access and user interaction limits remote exploitation, but insider threats and already-compromised endpoints remain exposed. The ability to retain ownership of a critical directory after installation, or to win a TOCTOU race during installation, increases the attack surface during software deployment and updates. This can lead to supply-chain-style attacks where malicious code is injected during installation, undermining trust in Docker Desktop deployments.
Mitigation Recommendations
To mitigate this vulnerability, organizations should:
1) Restrict local user permissions to prevent unprivileged users from pre-creating or modifying the C:\ProgramData\DockerDesktop directory prior to installation.
2) Perform Docker Desktop installations only from trusted administrators or automated processes with controlled environments to avoid TOCTOU race conditions.
3) Monitor and audit ownership and ACLs of critical directories like C:\ProgramData\DockerDesktop before and after installation to detect unauthorized changes.
4) Use application whitelisting and endpoint protection to detect and block unauthorized modifications to install-settings.json or other configuration files.
5) Consider deploying Docker Desktop in environments with minimal local user access or via containerized or virtualized setups to reduce attack surface.
6) Stay alert for official patches or updates from Docker Inc. addressing this issue and apply them promptly when available.
7) Educate users and administrators about the risks of running installers with elevated privileges in untrusted contexts.
These steps go beyond generic advice by focusing on controlling directory ownership, preventing race conditions during installation, and monitoring critical configuration files.
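The ownership and ACL audit in recommendation 3, as an added PowerShell example that is not part of the advisory and not Docker Inc.'s code. It assumes only the directory path named above; the trusted-principal list (SYSTEM, BUILTIN\Administrators) and the write-rights mask are the script's own choices.

```powershell
# Added defensive audit script (not from the advisory or from Docker Inc.).
# Assumes the directory path named in CVE-2025-14740. Run from an elevated
# PowerShell so Get-Acl can read owners; run before and after installation.
$Target = 'C:\ProgramData\DockerDesktop'

# Principals that may legitimately own or write to a machine-wide config directory.
$TrustedSids = @('S-1-5-18', 'S-1-5-32-544')   # NT AUTHORITY\SYSTEM, BUILTIN\Administrators

# Rights that allow tampering with files such as install-settings.json.
$R = [System.Security.AccessControl.FileSystemRights]
$WriteMask = $R::Write -bor $R::Delete -bor $R::ChangePermissions -bor
             $R::TakeOwnership -bor $R::Modify -bor $R::FullControl

function Get-DockerDesktopAclFindings {
    param([string]$Path = $Target)
    $findings = @()
    if (-not (Test-Path -LiteralPath $Path)) {
        # Before installation the directory should not exist at all; if a
        # low-privileged user created it, the owner check below will say so.
        return @("$Path does not exist (expected before installation)")
    }
    # Audit the directory itself plus every file beneath it (install-settings.json included).
    $items = @(Get-Item -LiteralPath $Path) + @(Get-ChildItem -LiteralPath $Path -Recurse -Force)
    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName
        $ownerSid = $acl.GetOwner([System.Security.Principal.SecurityIdentifier]).Value
        if ($TrustedSids -notcontains $ownerSid) {
            # Scenario 1: the owner can always rewrite the ACL, whatever the ACEs say.
            $findings += "$($item.FullName): owned by $($acl.Owner) ($ownerSid), not SYSTEM/Administrators"
        }
        # Resolve every ACE (explicit and inherited) to a SID and flag write-class grants
        # to anyone outside the trusted set.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($rule in $rules) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -eq 'Allow' -and
                $TrustedSids -notcontains $sid -and
                ($rule.FileSystemRights -band $WriteMask) -ne 0) {
                $findings += "$($item.FullName): $sid allowed $($rule.FileSystemRights)"
            }
        }
    }
    return $findings
}

$result = Get-DockerDesktopAclFindings
if ($result.Count -eq 0) { "OK: $Target is owned and writable only by SYSTEM/Administrators" }
else { $result | ForEach-Object { "FINDING: $_" } }
```

ACEs inherited from C:\ProgramData (the Users create-file rights and the CREATOR OWNER entry) are reported as findings too: a subdirectory that still carries them has not been locked down, which is exactly the state both scenarios rely on. An owner that is an individual administrator account rather than the Administrators group is also flagged and should be reviewed rather than assumed benign.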
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, Japan, South Korea, Netherlands, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: Docker
- Date Reserved: 2025-12-15T18:58:24.043Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 6983546df9fa50a62f8ff386
Added to database: 2/4/2026, 2:15:09 PM
Last enriched: 2/27/2026, 7:10:39 AM
Last updated: 3/24/2026, 12:19:00 AM