CVE-2025-15558: CWE-427 Uncontrolled Search Path Element in Docker Docker CLI
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, allowing privilege escalation if the Docker CLI is executed as a privileged user. This issue affects Docker CLI through 29.1.5, and Windows binaries that act as a CLI-plugin manager by using the github.com/docker/cli/cli-plugins/manager package (https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager), such as Docker Compose. It does not affect non-Windows binaries or projects that do not use the plugin-manager code.
AI Analysis
Technical Summary
CVE-2025-15558 is a vulnerability classified under CWE-427 (Uncontrolled Search Path Element) affecting Docker CLI on Windows platforms up to version 29.1.5. The issue arises because the Docker CLI searches for plugin binaries in the directory C:\ProgramData\Docker\cli-plugins, which is not created by default. This allows a low-privileged attacker with local access to create this directory and place malicious executables named as legitimate Docker CLI plugins (e.g., docker-compose.exe, docker-buildx.exe). When a victim user launches Docker Desktop or invokes Docker CLI plugin features, these malicious binaries are executed. If the Docker CLI is run with elevated privileges, this can lead to privilege escalation, allowing the attacker to execute arbitrary code with higher privileges. The vulnerability is specific to Windows binaries that use the Docker CLI plugin manager code from github.com/docker/cli/cli-plugins/manager. Non-Windows binaries and projects not using this plugin manager are not affected. The CVSS 4.0 score is 7.0 (high severity), reflecting the local attack vector, low complexity, no required authentication, and high impact on confidentiality, integrity, and availability. No public exploits have been reported yet, but the vulnerability poses a significant risk due to the common use of Docker in development and production environments on Windows.
Potential Impact
This vulnerability can have serious consequences for organizations using Docker on Windows. An attacker with low privileges and local access can escalate their privileges by placing malicious plugin binaries in the searched directory. This can lead to unauthorized code execution with elevated privileges, potentially compromising the entire host system. Confidentiality can be breached by accessing sensitive data, integrity can be undermined by altering system or application behavior, and availability can be impacted by disrupting Docker services or the host system. Organizations relying on Docker for container management, CI/CD pipelines, or development environments on Windows are at risk. The attack requires local access, so insider threats or compromised user accounts are primary vectors. Exploitation could facilitate lateral movement within networks and persistence, increasing the threat to enterprise environments.
Mitigation Recommendations
To mitigate this vulnerability, organizations should:
1) Immediately update Docker CLI on Windows to a patched version once available from Docker, as no patch links are currently provided.
2) Restrict local user permissions to prevent unauthorized creation of the C:\ProgramData\Docker\cli-plugins directory.
3) Monitor and audit the C:\ProgramData\Docker\cli-plugins directory for unexpected files or changes.
4) Employ application whitelisting or endpoint protection solutions to detect and block execution of unauthorized binaries in this directory.
5) Educate users about the risks of running Docker CLI with elevated privileges and minimize such usage.
6) Run Docker Desktop and the CLI under least-privilege principles and avoid administrative execution unless necessary.
7) Implement robust local access controls and monitor for suspicious local activity that could indicate attempts to exploit this vulnerability.
These steps go beyond generic advice by focusing on directory monitoring, privilege management, and proactive detection.
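As an added example (not part of the advisory or of Docker's own tooling), the following PowerShell audits the plugin directory named above in support of recommendations 2 and 3: it reports whether the directory exists at all, which principals hold write rights on it, and the owner, Authenticode status and SHA-256 of every docker-*.exe found there. It assumes a Windows host and an elevated PowerShell session.

```powershell
# Added example (not from the advisory or Docker): audit the system-wide
# Docker CLI plugin directory named in CVE-2025-15558 for signs of planting.
# Run from an elevated PowerShell session on the host being checked.
$PluginDir = 'C:\ProgramData\Docker\cli-plugins'

if (-not (Test-Path -LiteralPath $PluginDir)) {
    Write-Output "OK: $PluginDir does not exist (expected on a default install)."
    return
}

# The directory exists: record who owns it and who may write into it.
$acl = Get-Acl -LiteralPath $PluginDir
Write-Output "Directory owner: $($acl.Owner)"

# Principals that are expected to hold write rights under C:\ProgramData.
$privileged = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM', 'CREATOR OWNER')
$writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
             [System.Security.AccessControl.FileSystemRights]::CreateDirectories -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

# Flag Allow ACEs that give write/create rights to anyone else (e.g. BUILTIN\Users).
foreach ($ace in $acl.Access) {
    $grantsWrite = ($ace.FileSystemRights -band $writeMask) -ne 0
    if ($ace.AccessControlType -eq 'Allow' -and $grantsWrite -and
        $privileged -notcontains $ace.IdentityReference.Value) {
        Write-Output "WARN: $($ace.IdentityReference) can write here ($($ace.FileSystemRights))"
    }
}

# Inspect every candidate plugin binary: the CLI resolves plugins as docker-<name>.exe.
Get-ChildItem -LiteralPath $PluginDir -Filter 'docker-*.exe' -File | ForEach-Object {
    $sig = Get-AuthenticodeSignature -FilePath $_.FullName
    [pscustomobject]@{
        Plugin    = $_.Name
        Owner     = (Get-Acl -LiteralPath $_.FullName).Owner
        Created   = $_.CreationTime
        Signature = $sig.Status            # Valid / NotSigned / HashMismatch ...
        Signer    = $sig.SignerCertificate.Subject
        SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
    }
} | Format-Table -AutoSize
```

A directory that exists on a host where Docker never created it, a WARN line for a non-administrative principal, or an unsigned plugin owned by an ordinary user account are the conditions worth escalating; the SHA-256 column gives a value to compare against the binaries shipped in the official Docker release.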
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, Japan, Netherlands, South Korea, India
Technical Details
- Data Version: 5.2
- Assigner Short Name: Docker
- Date Reserved: 2026-02-03T19:51:18.184Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69a85ed0d1a09e29cb4aedd6
Added to database: 3/4/2026, 4:33:20 PM
Last enriched: 3/4/2026, 4:48:48 PM
Last updated: 3/5/2026, 2:10:07 AM