CVE-2025-53536

Roo Code allows Potential Remote Code Execution via .vscode/settings.json

Severity Score

8.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with the php.validate.executablePath setting which lets you set the path for the php executable for syntax validation. The attacker could have written the path to an arbitrary command there and then created a php file to trigger it. This vulnerability is fixed in 3.22.6.

Roo Code es un agente de codificación autónomo basado en IA. Antes de la versión 3.22.6, si la víctima tenía la opción "Escribir" aprobada automáticamente, un atacante con la capacidad de enviar solicitudes al agente podía escribir en los archivos de configuración de VS Code y activar la ejecución del código. Había varias maneras de lograrlo. Un ejemplo es la configuración php.validate.executablePath, que permite establecer la ruta del ejecutable PHP para la validación de sintaxis. El atacante podría haber escrito la ruta a un comando arbitrario y luego haber creado un archivo PHP para activarlo. Esta vulnerabilidad se corrigió en la versión 3.22.6.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2025-07-02 CVE Reserved
2025-07-07 CVE Published
2025-07-08 CVE Updated
2025-07-08 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-552: Files or Directories Accessible to External Parties

CAPEC

References (3)

URL	Tag	Source
https://github.com/RooCodeInc/Roo-Code/commit/1be6fce1a6864ae63e8160b0666db2c647f2dbba	X_refsource_misc
https://github.com/RooCodeInc/Roo-Code/commit/3993406ebdc0553a32ef391a799a4fb124930a1c	X_refsource_misc
https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-3765-5vjr-qjgm	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
RooCodeInc Search vendor "RooCodeInc"		Roo-Code Search vendor "RooCodeInc" for product "Roo-Code"				< 3.22.6 Search vendor "RooCodeInc" for product "Roo-Code" and version " < 3.22.6"		en		Affected