Microsoft Visual Studio Code CoPilot Chat Extension Command Injection Vulnerability Leading to Remote Code Execution

Vulnerability

A command injection vulnerability has been identified in the Microsoft Visual Studio Code CoPilot Chat Extension. It allows an unauthenticated attacker to execute code over a network. The root cause is improper neutralization of special elements used in a command (CWE-77, command injection): an attacker crafts a GitHub issue whose description carries injected commands, and when the user activates the mode that processes that issue, the extension acts on the description and runs the attacker's commands on the user's machine.

Impact

Successful exploitation gives the attacker remote code execution on the affected system, with the privileges of the user running Visual Studio Code. User interaction is required: the victim must process the malicious issue in the vulnerable mode.

Reproduction

To reproduce this vulnerability, an attacker creates a specially crafted GitHub issue in a repository that a user of the Visual Studio Code CoPilot Chat Extension works on. The issue description contains the injected commands. Nothing happens at creation time; the trigger is the victim enabling the specific mode that executes the issue's description, at which point the attacker's commands run and remote code execution is achieved. Any issue the extension may act on in that mode should therefore be treated as untrusted input, including issues opened by anonymous or newly created accounts.
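The advisory classifies the bug as command injection (CWE-77), and the small program below illustrates that class on the flow it describes: issue text reaching a command that an automation step executes. This is example code added for this page; it is not the CoPilot Chat extension's implementation and not an exploit for it. The issue, the run-task stand-in (TASK_RUNNER, a Python one-liner that echoes its first argument) and all helper names are constructed for the illustration. It shows why splicing issue text, unquoted, into a shell command line lets a ';' in the description start a second command, and why passing the same text as a single argv element with no shell keeps it inert. The approval gate models the caveat a practitioner wants in any agent-style flow: untrusted text that could change a command's meaning is surfaced to the user before anything acts on it.

```python
import shlex
import subprocess
import sys

# Constructed GitHub issue, not a real one. The body is attacker-controlled.
# "foo; echo INJECTED" is a benign stand-in for a real payload.
SAMPLE_ISSUE = {
    "number": 42,
    "title": "Fix flaky test in module foo",
    "body": "foo; echo INJECTED",
}

# Hypothetical task runner. A Python one-liner that prints its first argument
# stands in for whatever tool an automation step would invoke.
TASK_RUNNER = [sys.executable, "-c", "import sys; print(sys.argv[1])"]

# POSIX shell metacharacters that change the meaning of a command line.
SHELL_META = set(";|&`$(){}<>\n")


def build_command_vulnerable(issue: dict) -> str:
    """Vulnerable (CWE-77): untrusted issue text is spliced, unquoted, into a
    command line that will be handed to a shell. The runner itself is quoted
    correctly; the defect is that the body is not."""
    runner = " ".join(shlex.quote(part) for part in TASK_RUNNER)
    return f"{runner} {issue['body']}"


def build_command_hardened(issue: dict) -> list:
    """Hardened: the body becomes exactly one argv element. No shell ever
    parses it, so metacharacters reach the program as literal characters."""
    return TASK_RUNNER + [issue["body"]]


def needs_user_approval(issue: dict) -> bool:
    """Policy gate for an agent-style flow: issue text containing shell
    metacharacters must be shown to the user and approved before any
    automated step acts on it."""
    return any(ch in SHELL_META for ch in issue["body"])


def run_vulnerable(issue: dict) -> str:
    """Run the vulnerable form through /bin/sh. The ';' in the body ends the
    intended command and 'echo INJECTED' runs as a second command."""
    proc = subprocess.run(build_command_vulnerable(issue), shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def run_hardened(issue: dict) -> str:
    """Run the hardened form with shell=False. The whole body, ';' included,
    is printed back as data; nothing after the ';' is executed."""
    proc = subprocess.run(build_command_hardened(issue), shell=False,
                          capture_output=True, text=True, check=True)
    return proc.stdout


if __name__ == "__main__":
    print("vulnerable:", repr(run_vulnerable(SAMPLE_ISSUE)))
    print("hardened:  ", repr(run_hardened(SAMPLE_ISSUE)))
    print("needs approval:", needs_user_approval(SAMPLE_ISSUE))
```

Running it on a POSIX system prints two lines for the vulnerable path (the runner's "foo" and then the injected "INJECTED") and a single literal "foo; echo INJECTED" for the hardened path. The argv form is the neutralization that matters; the metacharacter gate is defence in depth, not a substitute, because a model-driven agent can be steered by plain prose as well as by shell syntax.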

Remediation

Users should update the Microsoft Visual Studio Code CoPilot Chat Extension to the fixed release; the security update is available from the Visual Studio Code website and through the Extensions view in the editor. To confirm the installed version on a machine, list extensions with their versions from a terminal (`code --list-extensions --show-versions`) and compare the GitHub.copilot-chat entry against the fixed version stated in the vendor advisory. Until the update is applied, avoid using the affected mode on issues from repositories that accept input from untrusted parties.

Added: Nov 11, 2025, 6:46 PM
Updated: Nov 11, 2025, 6:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 6.7
remediation: 0.0
relevance: 0.9
threat: 1.6
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.