Malware News Flaws in popular VSCode extensions expose developers to attacks

Khushal

Khushal

Level 13
Thread author
Verified
Top Poster
Well-known
Apr 4, 2024
601
3,615
1,169
Content source
https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/

Four Vulnerabilities Expose a Massive Security Blind Spot in IDE Extensions


The OX Research team has found vulnerabilities (CVE-2025-65715, CVE-2025-65716, CVE-2025-65717) in four popular IDE Extensions – confirming IDEs are the weakest link in an organization’s supply chain security, bearing low exploit and high risk.


www.ox.security

IDE Extension Vulnerabilities Expose Massive Security Blind Spot

New research uncovers critical flaws in widely used IDE (120M+ installs), allowing code execution, data theft, and full system compromise
www.ox.security www.ox.security

www.bleepingcomputer.com

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local files and execute code remotely.
www.bleepingcomputer.com www.bleepingcomputer.com
Click to expand...
 
Last edited by a moderator:
  • Like
Reactions: harlan4096, Divergent and Zero Knowledge
This OX Security research is a good reminder that IDE extensions effectively run as “trusted local code,” so a single vulnerable extension can become a practical path to local file access (API keys, configs, source) and sometimes code execution—especially when developers open untrusted content or apply untrusted settings. ([ox.security](https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/))

What’s affected (per OX’s write-up) ([ox.security](https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/))
  • Live Server – CVE-2025-65717 (CVSS 9.1) – “remote file exfiltration” – OX states: all versions affected
  • Code Runner – CVE-2025-65715 (CVSS 7.8) – “remote code execution” – OX states: all versions affected
  • Markdown Preview Enhanced – CVE-2025-65716 (CVSS 8.8) – JavaScript execution leading to local port scanning / potential data exfiltration – OX states: all versions affected
  • Microsoft Live Preview – no CVE per OX; fixed in v0.4.16+ (OX describes a “one-click XSS” leading to files exfiltration)

Note: Some secondary reporting appears to swap CVE numbers in the “impacted extensions” sentence, but the OX table (and OX’s individual per-extension posts) is the more authoritative mapping to follow. ([ox.security](https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/))

Practical risk model (why defenders should care) ([ox.security](https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/))
  • Extensions can access local files, open local servers, and interact with the dev environment in ways that make “developer workstation” a high-value target.
  • Several of the described attack paths are “low friction” (e.g., opening a file/webpage or applying a settings change), which is realistic in real-world developer workflows.
  • OX also notes VS Code-compatible IDEs like Cursor and Windsurf are impacted in their testing, so this isn’t necessarily “VS Code only.” ([ox.security](https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/))

Defensive actions (low-risk, high-value) ([ox.security](https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/))
  • If these extensions are installed and not essential: disable/uninstall them until there’s a confirmed fixed release.
  • If you must keep them: reduce exposure by avoiding untrusted HTML/Markdown/projects, especially while any localhost dev server is running.
  • Do not paste/apply untrusted snippets into global VS Code settings (settings.json). Consider monitoring or backing up settings.json for unexpected changes.
  • For Microsoft Live Preview specifically: ensure it is updated to v0.4.16+ (OX says that’s the fixed line). ([ox.security](https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/))
  • Org-level: enforce extension allowlisting + minimize “developer local admin” where possible + keep secrets out of local plaintext (use a secrets manager and rotate keys if exposure is suspected).

Quick audit commands (VS Code)
Code: 
code --list-extensions --show-versions

If there’s concern about possible compromise, it’s not possible to confirm safety from the CVEs/news alone; treat it as an incident triage on the developer endpoint (EDR/AV scan, review extension list and VS Code settings changes, and rotate any secrets that may have been exposed). ([ox.security](https://www.ox.security/blog/four-vulnerabilities-expose-a-massive-security-blind-spot-in-ide-extensions/))

Sources
 
Technical Analysis & Remediation

MITRE ATT&CK Mapping

T1137 (Office Application Startup)
Malicious extensions load persistence within the IDE context.

T1204.002 (User Execution: Malicious File) Triggered when developers open untrusted HTML/Markdown or repositories.

T1059 (Command and Scripting Interpreter) Extensions execute arbitrary commands via local servers or preview renderers.

T1020 (Automated Exfiltration)
Localhost servers used to funnel data to remote attackers

CVE Profile & Telemetry

Live Server (ritwickdey.LiveServer)
Assigned CVE-2025-65717 with a critical CVSS score of 9.1. This vulnerability allows for remote file exfiltration and is currently Active/Unpatched.

Markdown Preview Enhanced (shd101wyy.markdown-preview-enhanced) Assigned CVE-2025-65716 with a high CVSS score of 8.8. This flaw facilitates JavaScript execution and port scanning; it remains Active/Unpatched.

Code Runner (formulahendry.code-runner) Assigned CVE-2025-65715 with a high CVSS score of 7.8. This vulnerability enables Remote Code Execution (RCE) and is currently Active/Unpatched.

Microsoft Live Preview (ms-vscode.live-server) No specific CVE ID assigned. The vulnerability was effectively Fixed in version v0.4.16+.

Attack Vector Analysis
The vulnerability stems from IDE extensions inheriting the user's privileges without sufficient sandboxing.

Localhost Exploitation
Extensions like Live Server spawn local web servers. Attackers can craft payloads (e.g., malicious HTML) that interact with these servers to read files outside the project directory.

Cross-IDE Impact
These vulnerabilities are confirmed to affect VS Code-compatible forks like Cursor and Windsurf.

Remediation - THE ENTERPRISE TRACK

Actions ordered by NIST CSF Function.

GOVERN (GV)

Command
Audit organization-wide IDE usage. Establish an "Approved Extension" policy that explicitly bans extensions with unpatched Critical CVEs.

Command
Issue an advisory to engineering teams: "Do not open untrusted repositories or paste settings into settings.json while vulnerable extensions are active.".

DETECT (DE)

Command
Run the following CLI check on developer endpoints to identify vulnerable instances:

code --list-extensions --show-versions.

Command
Monitor ED/SIEM for unexpected outbound traffic from code.exe or node.exe processes initiated by VS Code, particularly to non-corporate IPs.

RESPOND (RS)

Command
IMMEDIATE REMOVAL of ritwickdey.LiveServer, formulahendry.code-runner, and shd101wyy.markdown-preview-enhanced until vendor patches are confirmed.

Command
For Microsoft Live Preview, force update to v0.4.16+ immediately.

RECOVER (RC)

Command
If exploitation is suspected (e.g., unexplained network traffic during dev sessions), assume local secrets are compromised. Rotate all API keys, SSH keys, and environment variables stored on the affected machine.

Remediation - THE HOME USER TRACK

Priority 1: Hardening

Command
Open VS Code. Go to the Extensions view (Ctrl+Shift+X).

Command
Search for "Live Server", "Code Runner", and "Markdown Preview Enhanced". If installed, click Uninstall or Disable immediately.

Command
If you use "Live Preview" by Microsoft, ensure it has auto-updated to version 0.4.16 or higher.

Priority 2: Hygiene

Command
Check your global settings.json file. Ensure no strange snippets were pasted from online tutorials, as these can trigger RCE flows.

Command
Avoid running "localhost" servers on public Wi-Fi without firewall protection.

Hardening & References

Source

OX Security Research Blog

Constraint
Developers must minimize "local admin" usage and utilize secret managers rather than plaintext .env files to mitigate the impact of file exfiltration.
Click to expand...
 
  • Like
Reactions: harlan4096
Zero Knowledge said:
Yes it's a huge worry, running VScode which 99% of people in security or programming do your always hesitant using it or installing extensions.
Click to expand...
It is not just VSCode. It is ALL IDEs and tools where extensions can be willy-nilly installed by the user.

This is extremely common as a scenario:

1. Developer insists upon using VSCode or Visual Studio or JeBrains or Etc.
2. Developer installs extensions and uses them as they see fit
4. Developer downloads and executes stuff as they see fit
5. Developer downloads libraries and uses them as they see fit
6. Developer is the very definition of "Insider Threat" and organizations allows these insider threats by the hundreds of millions

The global cybersec definition of "Insider Threat" includes the above behaviors. "Knowingly or unknowingly, negligently, etc."

That definition applies to 99% or more of digital device users.
 
  • Like
Reactions: Zero Knowledge

You may also like...