Zed AI Agent Remote Code Execution_CVE-2025-55012

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Zed is a multiplayer code editor. Prior to version 0.197.3, in the Zed Agent Panel allowed for an AI agent to achieve Remote Code Execution (RCE) by bypassing user permission checks. An AI Agent could have exploited a permissions bypass vulnerability to create or modify a project-specific configuration file, leading to the execution of arbitrary commands on a victim's machine without the explicit approval that would otherwise be required. This vulnerability has been patched in version 0.197.3. A workaround for this issue involves either avoid sending prompts to the Agent Panel, or to limit the AI Agent's file system access.

Basic Information

ID CVE-2025-55012

Source GitHub_M

Published Aug 11, 2025 at 21:25

Affected Product

Vendor zed-industries

Product zed

Version < 0.197.3

Affected Versions zed-industries zed < 0.197.3

CWE Classification

CWE-288 CWE-284

References

github.com /zed-industries/zed/security/advisories/GHSA-x34m-39xw-g2wr

{
    "lastseen": "",
    "description": "Zed is a multiplayer code editor. Prior to version 0.197.3, in the Zed Agent Panel allowed for an AI agent to achieve Remote Code Execution (RCE) by bypassing user permission checks. An AI Agent could have exploited a permissions bypass vulnerability to create or modify a project-specific configuration file, leading to the execution of arbitrary commands on a victim's machine without the explicit approval that would otherwise be required. This vulnerability has been patched in version 0.197.3. A workaround for this issue involves either avoid sending prompts to the Agent Panel, or to limit the AI Agent's file system access.",
    "published": "2025-08-11T21:25:40.465Z",
    "modified": "2025-08-11T21:25:40.465Z",
    "type": "cve",
    "title": "Zed AI Agent Remote Code Execution",
    "source": "GitHub_M",
    "references": "https://github.com/zed-industries/zed/security/advisories/GHSA-x34m-39xw-g2wr",
    "id": "CVE-2025-55012",
    "bulletinFamily": "",
    "cwe": [
        "CWE-288",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "zed-industries zed < 0.197.3",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "zed",
    "version": "< 0.197.3",
    "vendor": "zed-industries",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}