Dark Reading reports that a newly discovered security vulnerability in the Cursor development environment allows for the effortless execution of malicious binaries, as detailed by offensive security firm Mindgard.The vulnerability centers on how Cursor resolves Git binaries. An attacker can place a malicious file named "git.exe" at the root of a Git repository. When a developer opens a project containing this poisoned file in Cursor, the application automatically executes it without warning, granting the attacker code execution with the developer's privileges. Mindgard demonstrated this by renaming the Windows Calculator to "git.exe" and successfully executing it simply by opening the repository in Cursor. Mindgard reported the vulnerability to Cursor in December, but as of July, the issue remained unaddressed, leading to a non-coordinated disclosure.While Cursor stated they are addressing the issue, they have not provided a timeline for a fix. Until then, users are advised to open untrusted repositories only in isolated environments like a virtual machine or Windows Sandbox. Administrators can implement AppLocker or Windows App Control policies to deny execution of git.exe from workspace directories.Source: Dark Reading
Vulnerability Management
Cursor vulnerability allows execution of malicious binaries

(Credit: Robert – stock.adobe.com)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



