Zed Remote Code Execution Vulnerability in Agent Panel
Vulnerability
A remote code execution vulnerability has been identified in Zed, a multiplayer code editor, in versions prior to 0.197.3. The issue is in the Zed Agent Panel: the AI agent's tools could bypass the user permission checks that are meant to gate file writes, and use that bypass to create or modify a project-specific configuration file without the explicit user approval such a change normally requires. Because the editor acts on that configuration once it is in place, an attacker able to steer the agent (for example through a malicious prompt, or instructions injected into content the agent reads) could use the rewritten configuration to run arbitrary commands on the victim's machine. The vulnerability has been patched in version 0.197.3.
Impact
Exploitation of this vulnerability allowed arbitrary command execution on the victim's machine with the privileges of the user running Zed, which amounts to a full compromise of that user's environment.
Remediation
Users are advised to upgrade to version 0.197.3 or later. Until an upgrade is possible, avoid sending prompts to the Agent Panel, or limit the agent's filesystem access by deselecting tools that can write to the filesystem or by switching to a more restrictive tool profile. These workarounds reduce exposure but do not restore the missing permission check; only the upgrade does.
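As an added illustration (not Zed's code, and not the fix shipped in 0.197.3), the Rust function below shows the kind of gate the Agent Panel's write tools need to enforce the behaviour described above: normalise the requested path, refuse anything outside the project, and force an explicit user prompt for project configuration regardless of which tool profile is active. The `SENSITIVE_DIRS` list and the `profile_allows_writes` flag are assumptions of this example, standing in for Zed's real settings layout and tool profiles.

```rust
use std::path::{Component, Path, PathBuf};

/// Outcome of the write-permission gate.
#[derive(Debug, PartialEq, Eq)]
pub enum Decision {
    /// Ordinary file inside the project: the active profile may write it.
    AutoApprove,
    /// Editor or tool configuration: always ask the user, whatever the profile says.
    RequireApproval(String),
    /// Outside the project, or no write tools enabled: refuse outright.
    Deny(String),
}

/// Directories whose contents the editor (or tools it launches) consume as
/// configuration. Assumption of this example: `.zed/` holds Zed's project
/// settings and tasks, `.vscode/` and `.git/` hold other tooling config and hooks.
const SENSITIVE_DIRS: &[&str] = &[".zed", ".vscode", ".git"];

/// Lexically normalise a relative path: drop `.`, resolve `..`, and return None
/// when a `..` would climb above the starting point. Done lexically so the
/// decision does not depend on filesystem state (symlinks are handled at open time).
fn normalize_relative(p: &Path) -> Option<PathBuf> {
    let mut out = PathBuf::new();
    for c in p.components() {
        match c {
            Component::CurDir => {}
            Component::ParentDir => {
                if !out.pop() {
                    return None;
                }
            }
            Component::Normal(s) => out.push(s),
            Component::RootDir | Component::Prefix(_) => return None,
        }
    }
    Some(out)
}

/// Decide whether an agent-requested write to `requested` (absolute or
/// project-relative) may proceed without an explicit user prompt.
/// `profile_allows_writes` models the tool profile: a profile with no write
/// tools enabled denies every write before any path inspection happens.
pub fn classify_write(project_root: &Path, requested: &Path, profile_allows_writes: bool) -> Decision {
    if !profile_allows_writes {
        return Decision::Deny("active tool profile has no filesystem write tools".to_string());
    }

    // Reduce an absolute path to project-relative; anything not under the root
    // is refused rather than prompted, since the agent has no business there.
    let rel: PathBuf = if requested.is_absolute() {
        match requested.strip_prefix(project_root) {
            Ok(r) => r.to_path_buf(),
            Err(_) => return Decision::Deny(format!("{} is outside the project", requested.display())),
        }
    } else {
        requested.to_path_buf()
    };

    let rel = match normalize_relative(&rel) {
        Some(r) if !r.as_os_str().is_empty() => r,
        _ => return Decision::Deny(format!("{} escapes or names the project root", requested.display())),
    };

    // First component inside a sensitive directory: configuration, not code.
    if let Some(Component::Normal(first)) = rel.components().next() {
        if SENSITIVE_DIRS.contains(&first.to_str().unwrap_or("")) {
            return Decision::RequireApproval(format!("{} is editor/tool configuration", rel.display()));
        }
    }

    // Top-level dotfiles (.envrc, .gitattributes, ...) are often consumed by tools too.
    let is_top_level = rel.components().count() == 1;
    let is_dotfile = rel.file_name().and_then(|n| n.to_str()).map_or(false, |n| n.starts_with('.'));
    if is_top_level && is_dotfile {
        return Decision::RequireApproval(format!("{} is a top-level dotfile", rel.display()));
    }

    Decision::AutoApprove
}

fn main() {
    // Constructed sample requests, as an agent's edit tool might issue them.
    let root = Path::new("/home/dev/project");
    for p in ["src/main.rs", ".zed/settings.json", "../.bashrc", "/etc/passwd", ".envrc"].iter() {
        println!("{:>22} -> {:?}", p, classify_write(root, Path::new(p), true));
    }
}
```

The point of ordering the checks this way is that a restrictive profile short-circuits everything, path escapes are denied rather than prompted (a prompt the user might absent-mindedly accept), and configuration writes are prompted even when the profile would otherwise allow source edits, which is exactly the approval the advisory says was skipped.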
