PT-2025-31369 · Mirantis+3 · Mirantis Container Runtime+5

Vvoland · Published 2025-02-20 · Updated 2026-05-18 · CVE-2025-54410

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Moby versions prior to 28.0.0
Moby version 25.0.13

Description

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby, where reloading firewalld causes Docker to fail to re-create iptables rules that isolate bridge networks. This allows containers to access any port on any other container across different bridge networks on the same host, breaking network segmentation between containers. Containers in --internal networks remain protected.

Recommendations

Update to Moby version 28.0.0 or later.
Apply the fix available in Moby release 25.0.13.
As a temporary workaround, restart the docker daemon after reloading firewalld.
As a temporary workaround, re-create bridge networks after reloading firewalld.
As a temporary workaround, use rootless mode.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2025-09312
CLEANSTART-2026-AX33738
CLEANSTART-2026-BB83999
CLEANSTART-2026-BT39952
CLEANSTART-2026-BZ92766
CLEANSTART-2026-DR81473
CLEANSTART-2026-HX97842
CLEANSTART-2026-JF61842
CLEANSTART-2026-LO63022
CLEANSTART-2026-LS00044
CLEANSTART-2026-OU18540
CLEANSTART-2026-OX06093
CLEANSTART-2026-PM88731
CLEANSTART-2026-QM19832
CLEANSTART-2026-SQ13072
CLEANSTART-2026-SU44499
CLEANSTART-2026-TK12973
CLEANSTART-2026-UO87758
CVE-2025-54410
ECHO-D59E-2C08-ECEF
GHSA-4VQ8-7JFC-9CVP
GO-2025-3829
OPENSUSE-SU-2025:15434-1
SUSE-SU-2025:02912-1
SUSE-SU-2026:0037-1

Affected Products

Debian
Docker
Docker Engine
Mirantis Container Runtime
Moby
Red Os