CVE-2025-15558: CWE-427 Uncontrolled Search Path Element in Docker Docker CLI
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, allowing privilege escalation if the docker CLI is executed as a privileged user. This issue affects Docker CLI through 29.1.5, and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager package (https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager), such as Docker Compose. This issue does not impact non-Windows binaries, or projects not using the plugin-manager code.
AI Analysis
Technical Summary
CVE-2025-15558 is an uncontrolled search path element (CWE-427) in the Windows build of Docker CLI, affecting releases through 29.1.5. The CLI locates plugins by scanning a fixed set of directories for executables named docker-<plugin>.exe, and on Windows that set includes C:\ProgramData\Docker\cli-plugins. Docker does not create that directory, and the default ACL on C:\ProgramData lets any authenticated user create subfolders there and, through the CREATOR OWNER entry, take full control of what they create. A low-privileged local user can therefore create the directory and drop executables named after common plugins (docker-compose.exe, docker-buildx.exe, and so on); a trusted search path now points at attacker-controlled content, which is exactly the CWE-427 pattern.

The planted files run whenever plugin discovery happens on the machine, not only when a victim deliberately invokes that plugin. Discovery executes each candidate binary with the docker-cli-plugin-metadata argument to read its metadata, so merely enumerating plugins is enough to trigger execution; per the advisory this happens when Docker Desktop starts, and docker info does the same on every run. The code runs with the token of whoever invoked the CLI: a developer with local administrator rights or a privileged build-agent service account hands the attacker that level of access, which is the privilege-escalation path the advisory describes. The same manager package is embedded in other Windows binaries that host CLI plugins, notably Docker Compose, so those are affected as well; Linux and macOS builds, and projects that do not use the package, are not.

The page reports a CVSS 4.0 base score of 7.0 (high), consistent with a local attack vector, low attack complexity, low privileges required (the attacker needs a local account that can write under C:\ProgramData, so this is not an unauthenticated issue) and user interaction (a victim must start Docker Desktop or run the CLI), with high impact on confidentiality, integrity and availability once arbitrary code runs as the victim. No patch or in-the-wild exploitation is listed here; the affected range is stated as "through 29.1.5", so check Docker's advisory for the fixed release rather than assuming a version number. Exposure is greatest on multi-user Windows hosts, such as shared developer workstations and CI build agents, where a low-privileged account and a privileged Docker user coexist.
Potential Impact
The vulnerability matters to any organization running Docker CLI or Docker Desktop on Windows, and most to those where the CLI runs with elevated rights. The attacker needs a foothold as a low-privileged local user first; the payoff is code execution in the context of whichever user triggers plugin discovery next, so a developer with local administrator rights or a build-agent service account turns a weak local account into full control of the host. From there an attacker can read or tamper with source, credentials and container images on the machine, disrupt containerized workflows, and pivot into the network. Because Docker is embedded in development, test and CI/CD pipelines, a compromised build host is also a software-supply-chain risk: images and artifacts produced after the compromise cannot be trusted. The local-access and user-interaction requirements rule out direct remote exploitation, but insiders, phished standard users and any attacker who has already landed a low-privileged shell can chain this in, and shared Windows build servers and multi-user workstations are the natural targets.
Mitigation Recommendations
First establish exposure: inventory Windows hosts with Docker CLI or Docker Desktop (docker --version reports the client version; anything at or below 29.1.5 is in the stated affected range) and check whether C:\ProgramData\Docker\cli-plugins exists. If it exists, inspect who owns it and what is in it: a directory or binary owned by a standard user account is a sign the path has already been claimed and should be handled as an incident, not just re-permissioned. docker info lists the plugins the CLI actually resolves together with their paths, so any entry resolving under that directory deserves scrutiny (code signature, hash, publisher); bear in mind that plugin enumeration executes each candidate binary, so do not run it on a host where the directory already looks planted.

The most effective interim control is to occupy the path yourself: create C:\ProgramData\Docker\cli-plugins as an administrator, disable ACL inheritance and grant full control only to SYSTEM and Administrators (read and execute for Users), so a low-privileged account can no longer create the directory or write into it. Check the parent C:\ProgramData\Docker as well; an account with full control of the parent can delete or replace the child regardless of the child's own ACL. Run Docker CLI and Docker Desktop with the least privilege needed, and avoid elevated shells for routine docker use. Monitor process-creation telemetry (Windows Security event 4688 or Sysmon event 1) for any image path under the cli-plugins directory and have EDR alert on it; application control (AppLocker or WDAC) that blocks execution from user-writable paths such as %ProgramData% for accounts not covered by an administrator allow-all rule limits the damage when the victim is a standard user. Make sure users know not to run Docker from elevated sessions and to report unexpected prompts or behavior when starting Docker Desktop, and apply Docker's fixed release as soon as the vendor advisory names it.
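The checks described in the Technical Summary and the interim control from the Mitigation Recommendations, as an added PowerShell script; it is not Docker's code and does not appear in the original advisory. It takes the directory (%ProgramData%\Docker\cli-plugins) and the affected range (through 29.1.5) from the advisory text; the list of privileged principals, the chosen ACL and the ordering of the checks are the author's own, and docker.exe is assumed to be on PATH.

```powershell
#Requires -RunAsAdministrator
<#
  Added example for CVE-2025-15558; not Docker's code and not part of the advisory.
  Audits the Windows CLI plugin search directory and, with -Harden, claims it for
  Administrators so an unprivileged account can no longer create or populate it.
  Assumptions: path %ProgramData%\Docker\cli-plugins and affected range "through
  29.1.5" are taken from the advisory; docker.exe is assumed to be on PATH.
  Usage:  .\Check-DockerCliPlugins.ps1           # report only
          .\Check-DockerCliPlugins.ps1 -Harden   # report, then create/lock down
#>
param([switch]$Harden)

$PluginDir       = Join-Path $env:ProgramData 'Docker\cli-plugins'
$ParentDir       = Split-Path -Path $PluginDir -Parent
$AffectedThrough = [version]'29.1.5'
# Principals allowed to own or write a machine-wide plugin directory (author's choice).
$Privileged = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'NT SERVICE\TrustedInstaller')
# Any of these rights lets a principal plant, replace or re-permission binaries.
$WriteMask  = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'
$InheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

function Test-PrivilegedOwner([string]$Path) {
    $Privileged -contains (Get-Acl -LiteralPath $Path).Owner
}

function Get-WeakAce([string]$Path) {
    # Allow ACEs that apply to this object and give a non-privileged principal write-class rights.
    (Get-Acl -LiteralPath $Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $Privileged -notcontains $_.IdentityReference.Value -and
        ($_.PropagationFlags -band $InheritOnly) -eq 0 -and
        (([int]$_.FileSystemRights) -band $WriteMask) -ne 0
    }
}

# 1. On-disk state first. This step never invokes docker: plugin enumeration executes
#    every candidate binary for its metadata and would run a planted one.
$Suspicious = $false
foreach ($dir in @($ParentDir, $PluginDir)) {
    if (-not (Test-Path -LiteralPath $dir)) { Write-Host "$dir does not exist; a low-privileged user could create it."; continue }
    $owner = (Get-Acl -LiteralPath $dir).Owner
    if (-not (Test-PrivilegedOwner $dir)) { Write-Warning "$dir is owned by '$owner', not an administrative principal."; $Suspicious = $true }
    foreach ($ace in Get-WeakAce $dir) {
        Write-Warning ('{0}: {1} holds {2} (can create or replace plugin binaries)' -f $dir, $ace.IdentityReference, $ace.FileSystemRights)
    }
}
if (Test-Path -LiteralPath $PluginDir) {
    foreach ($f in Get-ChildItem -LiteralPath $PluginDir -File) {
        $sig = (Get-AuthenticodeSignature -LiteralPath $f.FullName).Status
        $own = (Get-Acl -LiteralPath $f.FullName).Owner
        if ($sig -ne 'Valid' -or $Privileged -notcontains $own) { $Suspicious = $true }
        Write-Host ('{0,-28} {1,10:N0} bytes  sig={2,-10} owner={3}' -f $f.Name, $f.Length, $sig, $own)
    }
}

# 2. Ask the CLI what it sees, but only when nothing planted was found on disk.
if ($Suspicious) {
    Write-Warning 'Skipping docker invocation: treat this host as potentially compromised and preserve the files for analysis.'
} elseif (Get-Command docker -ErrorAction SilentlyContinue) {
    if ("$(docker --version 2>$null)" -match '(\d+\.\d+\.\d+)') {
        $v = [version]$Matches[1]
        if ($v -le $AffectedThrough) { Write-Warning "Docker CLI $v is within the affected range (through $AffectedThrough)." }
        else                          { Write-Host "Docker CLI $v is newer than $AffectedThrough." }
    }
    $json = docker info --format '{{json .ClientInfo.Plugins}}' 2>$null
    if ($json) {
        foreach ($p in ($json | ConvertFrom-Json)) {
            $from = if ($p.Path -like "$PluginDir\*") { 'PROGRAMDATA' } else { 'other' }
            Write-Host ('{0,-10} {1,-12} sig={2,-10} {3}' -f $p.Name, $from, (Get-AuthenticodeSignature -LiteralPath $p.Path).Status, $p.Path)
        }
    }
}

# 3. Optional: claim the path for Administrators. Refuses to re-permission a directory
#    a non-admin already owns; that one should be removed and recreated instead.
if ($Harden) {
    if ((Test-Path -LiteralPath $PluginDir) -and -not (Test-PrivilegedOwner $PluginDir)) {
        Write-Warning "Not hardening $PluginDir in place: remove the non-admin-owned directory and re-run."
        return
    }
    if (-not (Test-Path -LiteralPath $PluginDir)) { New-Item -ItemType Directory -Path $PluginDir -Force | Out-Null }
    $sec = Get-Acl -LiteralPath $PluginDir
    $sec.SetAccessRuleProtection($true, $false)   # drop inherited %ProgramData% ACEs (Users: create, CREATOR OWNER: full)
    foreach ($r in @($sec.Access | Where-Object { -not $_.IsInherited })) { [void]$sec.RemoveAccessRuleAll($r) }
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $none    = [System.Security.AccessControl.PropagationFlags]::None
    foreach ($id in 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators') {
        $sec.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule($id, 'FullControl', $inherit, $none, 'Allow')))
    }
    # Users may read and run administrator-vetted plugins placed here, nothing more.
    $sec.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule('BUILTIN\Users', 'ReadAndExecute', $inherit, $none, 'Allow')))
    Set-Acl -LiteralPath $PluginDir -AclObject $sec
    Write-Host "$PluginDir locked down: SYSTEM/Administrators full control, Users read and execute, inheritance disabled."
}
```

Run it from an elevated PowerShell. The on-disk audit deliberately comes before any docker command: plugin discovery executes every candidate binary to read its metadata, so docker info on a host with a planted docker-compose.exe would run the payload, and the script skips that step when it sees a non-administrative owner or an unsigned or user-owned file. The ownership check on C:\ProgramData\Docker matters too, because full control of the parent includes deleting or replacing the child regardless of the child's own ACL; a parent owned by a standard user should be removed and recreated by an administrator rather than re-permissioned in place.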
Affected Countries
United States, Germany, United Kingdom, France, Canada, Australia, Japan, South Korea, India, Brazil
Technical Details
- Data Version: 5.2
- Assigner Short Name: Docker
- Date Reserved: 2026-02-03T19:51:18.184Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69a85ed0d1a09e29cb4aedd6
Added to database: 3/4/2026, 4:33:20 PM
Last enriched: 3/11/2026, 7:57:35 PM
Last updated: 4/19/2026, 11:00:41 AM
Views: 70