CVE-2025-53773
Published: 12 August 2025
Summary
CVE-2025-53773 is a high-severity Command Injection (CWE-77) vulnerability in Microsoft Visual Studio 2022. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks in the top 6.0% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a referenced public proof-of-concept.
This vulnerability is AI-related: it is categorised as Enterprise AI Assistants, in the Other ATLAS/OWASP Terms risk domain.
Deeper analysis
CVE-2025-53773 is a command injection vulnerability (CWE-77) affecting GitHub Copilot and Visual Studio. It carries a CVSS 3.1 base score of 7.8 with the vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H and permits an attacker to execute code on the local system through improper neutralization of special elements in commands.
The flaw is triggered locally and requires no prior authentication, but it does require user interaction with the affected components; successful exploitation results in full compromise of confidentiality, integrity, and availability on the targeted system.
Microsoft Security Response Center guidance and related technical analyses are available at the published references, including the official update guide and a detailed write-up on prompt-injection vectors leading to remote code execution.
The associated EPSS score is 0.1209, essentially unchanged from its recorded peak.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-24366
Vulnerability details
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
- CWE(s): CWE-77 (Command Injection)
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain: Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: github copilot
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables prompt injection in GitHub Copilot/VS Code, which maps to the following techniques:
- Exploitation for Client Execution (T1203): client-side exploitation via injected prompts
- Command and Scripting Interpreter (T1059): command execution via shell
- Ingress Tool Transfer (T1105): tool/malware ingress
- Impair Defenses: Disable or Modify Tools (T1562.001): disabling Copilot safeguards via settings modification
- Supply Chain Compromise: Compromise Software Supply Chain (T1195.002): infection through code repositories
- Obfuscated Files or Information (T1027): obfuscated payloads using invisible text
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.