CVE-2025-64107
📋 TL;DR
This vulnerability in the Cursor AI code editor allows attackers to bypass path manipulation detection by using backslashes instead of forward slashes, enabling unauthorized overwriting of sensitive editor files on Windows systems. It affects users running Cursor version 1.7.52 or below on Windows. Attackers need initial access through prompt injection or other control mechanisms to exploit this.
💻 Affected Systems
- Cursor AI Code Editor
📦 What is this software?
Cursor by Anysphere
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise, data theft, or malware deployment on affected Windows machines.
Likely Case
Unauthorized modification of editor configuration files, potentially enabling further attacks or disrupting development workflows.
If Mitigated
Limited impact with proper access controls and monitoring, though file integrity could still be compromised.
🎯 Exploit Status
Requires initial access through prompt injection or similar control mechanism. Path manipulation with backslashes bypasses the forward-slash detection.
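The class of bug described above, as an added example (not Cursor's code and not taken from the vendor advisory): a check that only recognises forward slashes beside one that normalises Windows paths before comparing. The function names and sample paths are assumptions made for illustration.

```javascript
// Added illustration; not Cursor's code. Function names and paths are hypothetical.
const PROTECTED_DIRS = ['.cursor'];

// Weak check: recognises the protected directory only behind forward slashes.
function naiveIsBlocked(requested) {
  return PROTECTED_DIRS.some(
    (d) => requested.startsWith(d + '/') || requested.includes('/' + d + '/')
  );
}

// Hardened check for workspace-relative paths on Windows: treat both separators
// alike, collapse "." and "..", then compare whole segments case-insensitively
// (Windows file names compare case-insensitively by default).
function isBlocked(requested) {
  // Absolute, drive-qualified or UNC paths are outside the workspace: reject.
  if (/^[a-zA-Z]:/.test(requested) || /^[\\/]/.test(requested)) return true;
  const stack = [];
  for (const seg of requested.split(/[\\/]+/)) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') {
      if (stack.length === 0) return true; // climbs out of the workspace
      stack.pop();
    } else {
      stack.push(seg.toLowerCase());
    }
  }
  return stack.some((seg) => PROTECTED_DIRS.includes(seg));
}

// Constructed sample requests (workspace-relative), not taken from the advisory.
const SAMPLES = [
  '.cursor/config.json',
  '.cursor\\config.json',
  'src\\..\\.cursor\\config.json',
  'src/main.ts',
];

// Run both checks over the same inputs so the disagreement is visible.
function compareChecks(samples) {
  return samples.map((p) => ({
    path: p,
    naive: naiveIsBlocked(p),
    hardened: isBlocked(p),
  }));
}

console.table(compareChecks(SAMPLES));
```

The rows where `naive` is false and `hardened` is true are the writes a forward-slash-only check lets through.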
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.0
Vendor Advisory: https://github.com/cursor/cursor/security/advisories/GHSA-2jr2-8wf5-v6pf
Restart Required: Yes
Instructions:
1. Open Cursor editor.
2. Go to Settings > About.
3. Check current version.
4. If below 2.0, download and install version 2.0 from official sources.
5. Restart Cursor after installation.
🔧 Temporary Workarounds
Disable AI features temporarily
All platforms: Disable AI-assisted coding features to reduce prompt injection attack surface
Cursor settings > AI Features > Disable all AI capabilities
Restrict file permissions
Windows: Set read-only permissions on .cursor directory and configuration files
icacls "%USERPROFILE%\.cursor" /deny Everyone:(OI)(CI)(WD,AD,WEA,WA)
🧯 If You Can't Patch
- Monitor for unauthorized modifications to .cursor directory and configuration files
- Implement strict input validation and sanitization for AI prompt inputs
🔍 How to Verify
Check if Vulnerable:
Check the Cursor version in Settings > About. If the version is 1.7.52 or below, the system is vulnerable on Windows.
Check Version:
In Cursor: Help > About or Settings > About
Verify Fix Applied:
Verify that the version is 2.0 or higher in Settings > About. Path manipulation attempts that use backslashes should now be properly detected.
📡 Detection & Monitoring
Log Indicators:
- Unusual file modifications in .cursor directory
- Multiple failed path validation attempts
- Backslash path manipulation patterns
Network Indicators:
- Unusual outbound connections from Cursor process
- Downloads to .cursor directory from untrusted sources
SIEM Query:
Process: Cursor.exe AND (FileModification: *.cursor\* OR CommandLine: *\\.cursor\*)