Cyber Resilience

CVE-2025-49714

High

Published: 08 July 2025

Published
08 July 2025
Modified
16 July 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0072 72.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-49714 is a high-severity Trust Boundary Violation (CWE-501) vulnerability in Microsoft Python. Its CVSS base score is 7.8 (High).

Operationally, ranked in the top 27.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

microsoft
python
≤ 2025.8.1

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-501

Establishes and maintains trust boundaries with external organizations before allowing their systems to interact with organization resources.

addresses: CWE-501

Prevents information from crossing trust boundaries without explicit approved authorizations.

addresses: CWE-501

Defining interfaces, controls, and trust responsibilities in agreements helps prevent violations of trust boundaries during data exchanges.

addresses: CWE-501

Authorizing and reviewing connections helps maintain proper trust boundaries between internal components.

addresses: CWE-501

Controlling media movement outside controlled areas maintains separation between internal and external trust boundaries.

addresses: CWE-501

Review of inter-system matching programs identifies and corrects trust-boundary violations before data crosses organizational or policy domains.

addresses: CWE-501

Defines explicit trust boundaries for PII use via documented purposes and prevents processing outside those boundaries.

addresses: CWE-501

Explicitly binding attributes to information crossing trust boundaries prevents loss of security context that leads to trust-boundary violations.

References