CVE-2025-54410

CWE-9098 documents6 sources
Severity
5.2MEDIUM
EPSS
0.0%
top 99.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Github.com Docker/dockerMobyproject MobyMoby Moby
Timeline
PublishedJul 30
Latest updateAug 11

Description

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create iptables rules that isolate bridge networks, allowing any container to access all ports on any other container across different bridge networks on the same host. This breaks network segmentation between co

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:NExploitability: 0.8 | Impact: 2.5

Affected Packages3 packages

Gogithub.com/docker/docker26.0.0-rc128.0.0+2
NVDmobyproject/moby< 25.0.13
CVEListV5moby/moby25.0.12

🔴Vulnerability Details

5
OSV
Moby firewalld reload removes bridge network isolation in github.com/docker/docker2025-08-11
CVEList
Moby's Firewalld reload removes bridge network isolation2025-07-30
OSV
CVE-2025-54410: Moby is an open source container framework developed by Docker Inc2025-07-30
GHSA
Moby firewalld reload removes bridge network isolation2025-07-29
OSV
Moby firewalld reload removes bridge network isolation2025-07-29

📋Vendor Advisories

2
Red Hat
github.com/moby/moby: Moby's Firewalld reload removes bridge network isolation2025-07-30
Debian
CVE-2025-54410: docker.io - Moby is an open source container framework developed by Docker Inc. that is dist...2025
CVE-2025-54410 (MEDIUM CVSS 5.2) | Moby is an open source container fr | cvebase.io