Embrace The Red: Amazon Q Developer: Remote Code Execution with Prompt Injection

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-remote-code-execution/
Source: Embrace The Red
Title: Amazon Q Developer: Remote Code Execution with Prompt Injection

Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a popular coding agent, with over 1 million downloads.
The extension is vulnerable to indirect prompt injection, and in this post we discuss a vulnerability that allowed an adversary (or also the AI for that matter) to run arbitrary commands on the host without the developer’s consent.
The resulting impact of the vulnerability is the same as CVE-2025-53773, which Microsoft fixed in GitHub Copilot; however, AWS did not issue a CVE when patching the vulnerability.

AI Summary and Description: Yes

Summary: The text discusses a significant security vulnerability within the Amazon Q Developer VS Code Extension, highlighting the risk of indirect prompt injection that can permit arbitrary command execution on the host system. This vulnerability parallels a known issue addressed in Microsoft’s GitHub Copilot yet remains untracked by AWS through a CVE.

Detailed Description: The provided text outlines a critical security issue related to the Amazon Q Developer VS Code Extension, which is significant for security professionals. The points of interest include:

– **Vulnerability Overview**:
  – The extension is vulnerable to indirect prompt injection. The flaw allows malicious actors, and potentially the AI itself, to execute arbitrary commands on the developer’s system without authorization.

– **Impact Similarity**:
  – The vulnerability’s consequences mirror those of CVE-2025-53773, which Microsoft addressed in its GitHub Copilot extension. This similarity points to a broader class of security weaknesses in AI-assisted development environments.

– **Lack of CVE Notification**:
  – Unlike Microsoft, AWS did not publish a Common Vulnerabilities and Exposures (CVE) record for this issue when it was patched. Without a formal record, users who rely on the extension may remain unaware of the flaw and unable to assess their exposure.

– **Implications for Professionals**:
  – Security professionals must evaluate and audit the Amazon Q Developer VS Code Extension and similar tools for potential vulnerabilities.
  – Organizations should prioritize thorough security assessments of coding tools, as they already do for other software extensions, to mitigate risks from unidentified or untracked vulnerabilities.

– **Best Practices**:
  – Regularly scrutinize tools and extensions used in development processes to identify emerging vulnerabilities.
  – Advocate for vendors to report vulnerabilities through established channels such as CVE to promote transparency in security practices.

Overall, this case serves as a reminder of the need for stringent security measures and awareness in the context of development tools, especially those powered by AI technologies.