Four Vulnerabilities Expose a Massive Security Blind Spot in IDE Extensions
Summary:
The OX Security Research team has identified a critical supply chain security blind spot stemming from vulnerabilities in four highly popular Integrated Development Environment (IDE) extensions, which collectively boast over 120 million downloads. Specifically affecting VS Code, Cursor, and Windsurf, these vulnerabilities—CVE-2025-65717, CVE-2025-65715, CVE-2025-65716, and an unassigned CVE in Microsoft Live Preview—pose severe risks to developer endpoints. Extensions operate as pseudo-administrators within the IDE, retaining broad permissions and direct access to sensitive local files, such as business logic, API keys, database configurations, and environment variables. Exploitation requires minimal user interaction, leading to high-impact consequences like local machine takeover, lateral movement across connected networks, and exfiltration of sensitive organizational assets. The OX Security Research team responsibly disclosed all vulnerabilities to the respective extension maintainers. As of the report's publication, none of the maintainers have responded or established a remediation timeline, highlighting a systemic lack of accountability in extension security.
Security Officer Comments:
IDE extensions function with elevated access on the developer’s local machine, effectively acting as "little admins." This highly permissive architecture means that malicious, overly permissive, or poorly written extensions can directly interface with local file systems to execute arbitrary code, modify system files, and exfiltrate data. Because developers frequently store highly sensitive data locally, these endpoints represent highly lucrative initial access targets. The research demonstrates that compromising an entire organization requires only a single vulnerable or malicious extension. The attack chain capitalizes on the implicit trust developers place in their IDE environments and repository assets.
- Attack Chain: Execution relies heavily on minimal interaction triggers, such as opening untrusted HTML files while a localhost server is running, or downloading a malicious repository.
- Social Engineering Tactics: Threat actors use emails, chats, and unverified online sources as lures, providing malicious configuration snippets or code. They socially engineer developers into pasting these malicious snippets directly into their global settings.json file.
- Lateral Movement: Once initial code execution is achieved on a development machine running a localhost server, threat actors can hijack the system, steal sensitive data, and pivot laterally within the organization’s connected networks.
The specific vulnerabilities identified include:
- CVE-2025-65717 (Live Server): CVSS 9.1 | 72M+ downloads | Remote file exfiltration.
- CVE-2025-65715 (Code Runner): CVSS 7.8 | 37M+ downloads | Remote code execution.
- CVE-2025-65716 (Markdown Preview Enhanced): CVSS 8.8 | 8.5M+ downloads | JavaScript code execution leading to local port scanning with potential data exfiltration.
- Microsoft Live Preview (No CVE issued): 11M+ downloads | One-Click XSS leading to full IDE file exfiltration (Fixed in v0.4.16+).
Suggested Corrections:
- Restrict Localhost Servers: Avoid running servers on localhost unless strictly necessary. Never open untrusted HTML files while localhost servers are actively running.
- Secure IDE Configurations: Never paste or run snippets in the global settings.json file from emails, chats, or unverified sources. Avoid applying untrusted configurations entirely.
- Monitor System Files: Actively monitor and back up the settings.json file to quickly detect any unexpected or unauthorized modifications.
- Restrict Extension Risk: Install only highly trusted and vetted extensions to minimize localized vulnerabilities.
Best Practices:
- Disable/Uninstall Non-Essential Extensions: Reduce your attack surface by proactively disabling or removing development tools, extensions, and services that are not required for your current workflow.
- Harden Local Networks: Deploy well-configured local firewalls to restrict inbound and outbound connections for development services. Ensure they are accessible only from trusted sources.
- Maintain a Rigorous Update Schedule: Establish a routine for immediately applying security updates to IDEs, extensions, operating systems, and dependencies to address newly disclosed vulnerabilities.
- Implement Automated Scanning: Use AI-powered security testing tools to automate vulnerability scanning on new extensions before they reach developers.
- Enforce Security Reviews: Organizations should push for mandatory security review processes before allowing extensions to be installed, mimicking app store vetting procedures.