Cursor Code Editor NTFS Path Quirk Vulnerability Allowing File Overwrite and Potential Remote Code Execution

Vulnerability

A vulnerability in the Cursor code editor, affecting versions through 1.7.44 on systems that support NTFS, allows an attacker using prompt injection to bypass file protection mechanisms. Exploitation can lead to unauthorized modification of files that normally require human approval, and some of those changes can result in remote code execution. The issue arises because certain NTFS path characteristics disrupt Cursor's path validation, so protected files can be altered without that oversight.

Impact

Exploitation of this vulnerability could result in unauthorized file modifications, with some changes leading to remote code execution.

Remediation

Users should update to Cursor version 2.0, where this vulnerability has been addressed. In the patched version, NTFS paths are normalized before any protective measures are applied.
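The normalize-then-check order described above can be sketched as follows. This is an added example, not Cursor's code: the page does not say which NTFS path characteristics were involved, so the rules below are general Windows/NTFS naming behaviour, and the protected path, the function names and the sample inputs are hypothetical.

```javascript
// Added example, not Cursor's code. PROTECTED holds hypothetical
// workspace-relative paths that need human approval before a write.
const PROTECTED = new Set(["config\\agent-rules.json"]);

// Reduce a workspace-relative path to the form Windows/NTFS would resolve.
// Deliberately conservative: it may over-match, never under-match.
function normalizeNtfsPath(input) {
  const parts = [];
  for (let part of input.replace(/\//g, "\\").split("\\")) {
    // "name:stream:$TYPE" addresses a data stream of the file "name".
    const colon = part.indexOf(":");
    if (colon !== -1) part = part.slice(0, colon);
    if (part === "..") { parts.pop(); continue; }
    // Win32 drops trailing dots and spaces when it opens a name.
    part = part.replace(/[. ]+$/, "");
    if (part === "") continue; // covers "", "." and repeated separators
    // NTFS lookups are case-insensitive by default; lowercasing approximates that.
    parts.push(part.toLowerCase());
  }
  return parts.join("\\");
}

// A "~<digit>" component may be an 8.3 short alias that cannot be expanded
// without asking the file system, so treat it as protected (fail closed).
function requiresApproval(input) {
  const norm = normalizeNtfsPath(input);
  if (/(^|\\)[^\\]*~\d/.test(norm)) return true;
  return PROTECTED.has(norm);
}

// Constructed sample inputs: every spelling except the last must be
// routed to human approval, because a raw string compare would miss it.
const samples = [
  "config/agent-rules.json",
  "CONFIG\\Agent-Rules.JSON",
  "config\\agent-rules.json.",
  "config\\agent-rules.json ",
  "config\\agent-rules.json::$DATA",
  "config\\sub\\..\\agent-rules.json",
  "config\\AGENT-~1.JSO",
  "src\\main.js",
];
for (const s of samples) {
  console.log(JSON.stringify(s), "->", requiresApproval(s) ? "approval" : "allow");
}
```

The protection decision is made only on the normalized form, and a path that cannot be resolved with certainty is treated as protected.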

Added: Nov 4, 2025, 11:17 PM
Updated: Nov 4, 2025, 11:17 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 5.2
remediation: 7.7
relevance: 0.9
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.