Unpatched Cursor Vulnerability Exposes Users to Code Execution

Summary

A vulnerability in the Cursor code editor allows attackers to execute arbitrary code by creating a malicious repository with a git.exe file in the project root. Cursor automatically executes this file, leading to potential code execution on the user's system.

IFF Assessment

FOE

This vulnerability allows attackers to gain code execution, which is detrimental to defenders.

Severity

7.8 High (AI Estimated)

The vulnerability allows for remote code execution through a straightforward attack vector (placing a malicious file in a repo) with a significant impact on confidentiality, integrity, and availability. The exploitability is high due to the automatic execution by the application.

Defender Context

This vulnerability highlights the risks associated with application behavior that automatically executes files from project repositories. Defenders should be aware of how code editors or development tools might process external content and ensure that any such applications are kept up-to-date with the latest security patches to mitigate risks of code execution.

Read Full Story →