CVE-2025-62222

HIGH

GitHub Copilot Chat < 0.32.5 - Remote Code Execution via Command Injection


Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-62222. PoCs published by SadisticNight.

AI-analyzed exploit summary: This PoC demonstrates a remote code execution (RCE) vulnerability in GitHub Copilot Chat by injecting hidden prompts in code comments to manipulate the AI into suggesting malicious PowerShell commands to users.

Description

Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network.

Exploits (1)

nomisec · working PoC · 1 star
by SadisticNight · poc
https://github.com/SadisticNight/PoC-CVE-2025-62222

Classification
Working PoC 95%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: GitHub Copilot Chat in VS Code
No auth needed
Prerequisites: Victim must open the malicious file in VS Code with GitHub Copilot Chat enabled · Attacker must have a listener set up to receive the reverse shell
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 8.8
EPSS 0.0072
EPSS Percentile 49.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-20 CWE-77
Status published
Products (1)
microsoft/github_copilot_chat < 0.32.5
Published Nov 11, 2025
Tracked Since Feb 18, 2026