A high-risk privilege escalation vulnerability in Claude Code has been exploited by hackers to attack encrypted users.

avatar
MarsBit
01-08
This article is machine translated
Show original

[Claude Code High-Risk Privilege Escalation Vulnerability Exploited by Hackers to Attack Encrypted Users] Mars Finance reported on January 8th that 23pds, a security researcher from the SlowMist team, forwarded a report from researcher Adam Chester, revealing a privilege escalation and command execution vulnerability in Anthropic's Claude Code. The vulnerability, CVE-2025-64755, allows attackers to execute commands without user authorization, and the related Proof-of-Concept (PoC) has been publicly released. This issue is considered similar to a vulnerability previously disclosed in the Cursor tool. 23pds stated that phishing hackers have already exploited this vulnerability to attack encrypted users.

Source
Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.
Like
Add to Favorites
Comments