Visual Studio Code: Remote Code Execution (CVE-2022-41034)

Author: Zemnmez (@Zemnmez), Google Security Research
Published: December 1, 2022
Source: https://github.com/google/security-research/security/advisories/GHSA-pw56-c55x-cm9m

Summary

Google Security Research disclosed a critical remote code execution vulnerability (CVE-2022-41034) in Microsoft Visual Studio Code. By luring a victim into clicking a crafted link, an attacker could cause VS Code to open a remote Jupyter Notebook in a trusted context, abuse the notebook’s HTML rendering to invoke a command: URI, and ultimately spawn a terminal with an attacker-chosen executable. Because the bug also reaches VS Code’s web and remote-development surfaces, it could compromise GitHub Codespaces, github.dev, VS Code for Web, and any machine reached over VS Code Remote Development. Microsoft fixed it in VS Code 1.73.1.

Technical Details

VS Code uses an internal isTrusted annotation to decide whether content is allowed to perform sensitive actions such as executing command: URIs or rendering unsafe HTML. The exploit chains several behaviors so that attacker-controlled content runs in that trusted context:

  • Trusted open via URL parameter. Files opened through the openFile URL parameter are loaded in trusted mode, on the assumption that opening was triggered by a user gesture. The payload is supplied as query-encoded JSON of the form [["openFile","file://path"]], and the target may be a remote .ipynb file hosted on a CORS-enabled server.
  • Notebook HTML injection. Jupyter Notebook Markdown cells permit arbitrary HTML. Opened in trusted mode, a notebook bypasses the usual restrictions on unsafe HTML and command: URI execution. The attacker injects an <img> tag whose onerror handler programmatically creates and clicks an <a> element pointing at a command: URI.
  • Command to terminal spawn. The link targets command:workbench.action.terminal.new, which accepts an ICreateTerminalOptions object containing an IShellLaunchConfig. The executable field of that launch config overrides the program run when the new terminal starts, yielding code execution.

The root cause is insufficient validation of the trust context when opening remote files, combined with exposing command execution to user-controlled parameters without adequate restrictions. The advisory notes that the issue affects VS Code v1.4.0 through v1.71.1. The published proof of concept (written in Go) demonstrated execution by, for example, opening /etc/passwd in vim inside the spawned terminal.
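As an added defensive example (not code from the advisory or its proof of concept), the following Python scans the Markdown cells of an .ipynb file for the two markers the chain above relies on: a command: URI and an inline event-handler attribute such as onerror. The sample notebook, the finding labels and the function names are constructed for this illustration.

```python
import json
import re

# Constructed sample notebook (not from the advisory): two harmless cells plus one
# Markdown cell carrying the pattern the advisory describes, an <img> whose onerror
# handler builds and clicks a link to a command: URI (here with empty arguments).
SAMPLE_IPYNB = json.dumps({
    "cells": [
        {"cell_type": "markdown", "source": ["# Notes\n", "Plain **markdown** only.\n"]},
        {"cell_type": "code", "source": ["print('hello')\n"]},
        {"cell_type": "markdown", "source": [
            "<img src=x onerror=\"var a=document.createElement('a');",
            "a.href='command:workbench.action.terminal.new?%7B%7D';a.click()\">\n",
        ]},
    ],
    "metadata": {}, "nbformat": 4, "nbformat_minor": 5,
})

# Markers worth flagging in Markdown cells, which VS Code renders as HTML:
# a command: URI (the scheme that reaches editor commands) and any inline
# on<event>= attribute inside a tag (script execution without a <script> element).
COMMAND_URI = re.compile(r"command:[A-Za-z0-9_.]+", re.IGNORECASE)
EVENT_HANDLER = re.compile(r"<[^>]*\son[a-z]+\s*=", re.IGNORECASE)


def cell_text(cell):
    """nbformat stores 'source' as a list of lines or a single string."""
    src = cell.get("source", "")
    return "".join(src) if isinstance(src, list) else str(src)


def scan_notebook(raw_json):
    """Return findings as (cell_index, reason, snippet) for Markdown cells only."""
    nb = json.loads(raw_json)
    findings = []
    for idx, cell in enumerate(nb.get("cells", [])):
        if cell.get("cell_type") != "markdown":
            continue  # code cells are not rendered as HTML by the notebook view
        text = cell_text(cell)
        for m in COMMAND_URI.finditer(text):
            findings.append((idx, "command-uri", m.group(0)))
        for m in EVENT_HANDLER.finditer(text):
            findings.append((idx, "inline-event-handler", m.group(0)[:40]))
    return findings


if __name__ == "__main__":
    for finding in scan_notebook(SAMPLE_IPYNB):
        print(finding)
```

Run it over notebooks arriving from untrusted sources before they are opened in an editor that honours trusted mode; a non-empty result is a reason to open the file untrusted or not at all.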

Impact

A single click on a malicious link could give the attacker arbitrary command execution on the victim’s machine. Because the affected functionality spans VS Code’s remote and web deployments, impact extends beyond the desktop editor to takeover of any computer connected via VS Code Remote Development, and to compromise of GitHub Codespaces instances, github.dev, and web-based VS Code sessions. Microsoft rated the issue Critical. Affected versions: Visual Studio Code v1.4.0–v1.71.1.

Mitigation

Microsoft patched the vulnerability in Visual Studio Code v1.73.1. According to the timeline, the fix landed on October 11, 2022, ahead of public disclosure (November 22, 2022). Users and operators of affected services should ensure they are running v1.73.1 or later; hosted environments such as Codespaces and github.dev were updated by the vendor. The corresponding fix is in Microsoft commit d2cff714. More broadly, the case underscores treating remotely opened files as untrusted by default and tightly constraining which commands and arguments can be reached through command: URIs.
