Unsafe symlink following in restricted workspace-write sandbox leads to RCE

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

Using Codex CLI in workspace-write mode inside a malicious context (repo, directory, etc) could lead to arbitrary file overwrite and potentially remote code execution due to symlinks being followed outside the allowed current working directory.

Basic Information

ID CVE-2025-55345

Source JFROG

Published Aug 13, 2025 at 08:55

Affected Product

Affected Versions 0

CWE Classification

CWE-61

References

{
    "lastseen": "",
    "description": "Using Codex CLI in workspace-write mode inside a malicious context (repo, directory, etc) could lead to arbitrary file overwrite and potentially remote code execution due to symlinks being followed outside the allowed current working directory.",
    "published": "2025-08-13T08:55:14.016Z",
    "modified": "2025-08-13T08:55:14.016Z",
    "type": "cve",
    "title": "Unsafe symlink following in restricted workspace-write sandbox leads to RCE",
    "source": "JFROG",
    "references": "https://research.jfrog.com/vulnerabilities/codex-cli-symlink-arbitrary-file-overwrite-jfsa-2025-001378631/\nhttps://github.com/openai/codex/pull/1705",
    "id": "CVE-2025-55345",
    "bulletinFamily": "",
    "cwe": [
        "CWE-61"
    ],
    "cvelist": null,
    "sourceData": "  0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "",
    "version": "0",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Unsafe symlink following in restricted workspace-write sandbox leads to RCE_CVE-2025-55345