Cyber Resilience

CVE-2025-56803

Severity: High · Public PoC

Published: 03 September 2025
Modified: 26 September 2025
KEV Added: not listed
Patch: none referenced
CVSS Score v3.1: 8.4 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0026 (49.5th percentile)
Risk Priority: 17 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-56803 is a high-severity OS Command Injection (CWE-78) vulnerability in Figma Desktop. Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE is ranked at the 49.5th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-56803 is a command injection vulnerability (CWE-78) in the local plugin loader of Figma Desktop for Windows version 125.6.5. The flaw occurs when a crafted "build" field in a plugin's manifest.json is passed directly to child_process.exec without validation, allowing execution of arbitrary OS commands and potential remote code execution (RCE). It has a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Exploitation requires a local attacker to create or load a malicious plugin and trigger the build procedure, which executes the injected command. However, the supplier disputes the vulnerability's severity, stating that it only enables a local user to attack themselves, because the local build procedure is not used for plugins shared to the Figma Community.

Details on the issue, including proof-of-concept, are documented in researcher advisories at https://github.com/shinyColumn/CVE-2025-56803 and https://shinycolumn.notion.site/figma-command-injection. No patches or official mitigations from Figma are referenced in available information.


Vulnerability details

Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local plugin loader. An attacker can execute arbitrary OS commands by setting a crafted build field in the plugin's manifest.json. This field is passed to child_process.exec without validation, leading to possible RCE. NOTE: this is disputed by the Supplier because the behavior only allows a local user to attack himself via a local plugin. The local build procedure, which is essential to the attack, is not executed for plugins shared to the Figma Community.

CWE(s): CWE-78 (OS Command Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1203 Exploitation for Client Execution (tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1059.003 Windows Command Shell (tactic: Execution)
Adversaries may abuse the Windows command shell for execution.
Why these techniques?

The command injection vulnerability in Figma Desktop's plugin loader enables arbitrary OS command execution via a crafted 'build' field in manifest.json, passed unsanitized to child_process.exec(), facilitating exploitation for client execution (T1203) and Windows Command Shell (T1059.003).

CVEs Like This One

CVE-2025-63916 (shared CWE-78)
CVE-2026-22035 (shared CWE-78)
CVE-2026-32000 (shared CWE-78)
CVE-2026-28391 (shared CWE-78)
CVE-2026-30302 (shared CWE-78)
CVE-2026-24844 (shared CWE-78)
CVE-2025-1244 (shared CWE-78)
CVE-2025-11953 (shared CWE-78)
CVE-2026-7461 (shared CWE-78)
CVE-2026-31999 (shared CWE-78)

Affected Assets

Vendor: figma
Product: desktop
Version: 125.6.5

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

prevent: SI-2 (Flaw Remediation). Directly requires timely identification, reporting, and correction of the command injection flaw in Figma Desktop's local plugin loader.

prevent: SI-10 (Information Input Validation). Mandates validation of untrusted inputs like the crafted 'build' field in plugin manifest.json before execution via child_process.exec, preventing command injection.

prevent: Restricts or requires approval for user-installed plugins, mitigating the loading of locally crafted malicious plugins that exploit the build procedure.
