CVE-2021-31213
published 2021-05-11CVE-2021-31213: Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
PriorityP355high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
52.75%
98.8th percentile
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | remote | < 0.177.2 | 0.177.2 |
| microsoft | visual_studio_code_remote_containers_extension | >= 1.0.0 < 1.56 | 1.56 |
| msrc | visual_studio_code_remote_containers_extension | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- ·Exploitation requires user interaction — victim must be enticed to open a malicious file in a directory via the VS Code Remote Containers extension. ↗
- ·As of the advisory publication, the vulnerability had not been publicly disclosed or exploited in the wild; exploitation was rated 'Less Likely' for both latest and older software releases. ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
vendor_msrc·2021-05-11·CVSS 7.8
CVE-2021-31213 [HIGH] Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have be enticed to open a malicious file in a directory. Users should never open anything that they do not know or trust to be safe.
Visual Studio Code: Visual Studio Code
Microsoft: Microsoft
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers
GHSA
GHSA-pmrr-mqp2-p4g9: Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
ghsa_unreviewed·2022-05-24
CVE-2021-31213 [HIGH] GHSA-pmrr-mqp2-p4g9: Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
No detection rules found.
No public exploits indexed.
2021-05-11
Published